IU professor warns against computer scams

Updated:

eBay is a popular target for phishing scams.

Dr. Minaxi Gupta

HEADLINES

Nancy Irsay urges testing for genetic lung disorder

Death of Drew Brees' mother ruled a suicide

Indiana's October unemployment rate at 9.8 percent

Indy Parks to raise fees

Hoosier kids can still send Santa letters

Boy gets a "leg up" with help from a friend

Three Manual students arrested for drug dealing

New IMA arts park will feature a 'castaway'

Car dealers joining in holiday shopping deals

Men rob Dunkin' Donuts store, make employees strip

Ray Cortopassi/Eyewitness News

Bloomington - An Indiana University professor is issuing a warning about online scams that could cost you your identity.

PayPal and it's parent company, eBay, know they're prime targets for "phishers" - online predators who trick users into giving up sensitive personal information. It happens by a process known as "redirecting" - a part of the web where you're linked to other sites.

But by manipulating the code in the "open" links found on the address bar, phishers can send you an e-mail with realistic-looking graphics and code, asking you to confirm or update your profile.

"Once you've been phished, they can log on as you to eBay, your bank account, do bank transactions," said Dr. Minaxi Gupta, a computer science professor at IU. "Phishing is a very big problem right now."

Dr. Gupta has studied the problem of phishing after some of her students wanted to find out just how vulnerable the system is. The concerned curiosity between two doctoral students became a semester-long, labor intensive research project.

The results surprised them.

"It's startling. There are a lot of risks to this for ordinary users," said Craig Shue, the lead author on the study.

Shue and Andrew Kalafut created a code - with Dr. Gupta advising - that tracked 2.5 million web pages. Of those, 180,000 had redirect links and a whopping 80 percent were "open".

"If they're open, you can manipulate the destination, take people to anywhere you want, make the page look like anything you want," Dr. Gupta said.

In addition to eBay and PayPal, banks are the most common targets.

"Most of us don't go back to the browser to see what it says," Dr. Gupta said.

"At some point, you kind of wonder if you should say, 'Don't click on links in e-mail, only go directly to the places', because links are getting more and more difficult to trust," Shue said.

If you suspect you may have been a victim of a phishing scam, contact the FBI via http://www.ic3.gov. If you were a victim of a fake PayPal site, you can e-mail the company at mailto:spoof@paypal.com.

You must be logged in to rate this story. Login or register

Comments

Terms of Use: We welcome your participation in our community. Please keep your comments civil and on point. You must be at least 13 years of age to post comments. By submitting a comment, you agree to these Terms of Service

You must be logged in to leave a comment. Login or register

See all comments

Close window Branding