Proofpoint: Security, Compliance and the Cloud

AppleInsider has the low down on a new phishing scam that targets users of Apple's MobileMe service. As they summarize: "In another attempt to con MobileMe users into providing their credit card information, a scammer has sent out spam spoofed to appear to come from Apple, which directs users to a fake site designed to look like Apple's. Users who follow the email link and enter their information on the poorly formatted, fake Apple web page will be sorry."

The emails ask users to update their "invalid or out of date" credit card information -- a hallmark of many phishing scams. Of course, recipients of any unsolicited request to update their identity or billing information should always be cautious.

It's worth reiterating Proofpoint's "golden rules" about staying safe online and avoiding these types of scams. Keep these 5 points in mind:

1. Be aware:View with suspicion any email with requests for personal IDs, financial information, user names or passwords. Your bank, online services or legitimate online stores are unlikely to ask you for this type of information via email. Consumers should also be suspicious of similar emails that appear to come from an employer. Never send personal financial information such as credit card numbers and Social Security numbers via email.
   
2. Don’t click: If you receive a suspicious email, don’t click the links in the email and never open file attachments from anything but 100 percent trusted sources. Links embedded in emails may take you to fraudulent sites that look similar or identical to the legitimate “spoofed” site. Instead of clicking, open a browser and type the actual Web address for the site into the address bar. Alternatively, call the company using a phone number you already know.
   
3. Be secure:When you are shopping online, entering important information such as credit card numbers, or updating personal information, make sure you’re using a secure Web site. If you are on a secure Web server, the Web address will begin with “https://” instead of the usual “http://”. Most Web browsers also show an icon (such as Internet Explorer’s “padlock” icon) to indicate that the page you are viewing is secure.
   
4. Don’t fill out email forms: Never fill out forms within an email, especially those asking for personal information. Instead, visit the company’s actual Web site and ensure that the page you are using is secure before entering sensitive information.
   
5. Keep an eye on your accounts: Check the accuracy of your credit card and bank statements on a regular basis, especially during this time of financial turmoil. If you see anything suspicious, contact the financial institution immediately.