Phishing messages are messages (typically email) that claim to be from a legitimate source such as a well known bank, financial institution etc.

Unfortunately, the reality is that many services do send out email relating to account changes and security notices, so it’s not practical (or a good idea) to just ignore these messages. Just follow these three easy tips to identifying phishing attempts and you’ll save yourself the heartache of having your system compromised or your identity stolen.

1) Suspicious links

Regardless of the type of potential phishing email you’re looking at, they will almost always be linking to a suspicious URL.

NEVER CLICK ON THESE LINKS, they usually lead to a site that attempts to install malicious software on your system.

There are two ways you can look at a URL without clicking on it:

• The first is to hover your mouse pointer over the link and leave it there for a few seconds. In most mail clients you will see a tooltip showing the destination URL.
• The second method is to view the HTML (or raw, or source view) of the message. You can then see the real destination links.

2) Viewing email headers

Email headers are the underlying technical details mail servers and mail clients use to define and deliver messages. The email headers are also usually a good give away to the real source of a message. This method is a little more tricky, however knowing how to read email headers is a useful skill since it gives you a greater insight into how email actually works behind the scene.

You’re essentially looking for any clues as to the real sender of the email. Although it is possible for some large providers to have dedicated email domains (facebookmail.com for example), the vast majority of the time legitimate email should come from a company domain. For instance, an email asking you to update your password for ACME bank should come from acme.com. If it’s being sent from a strange email address such as @aol.com or @hotmail.com, that should ring some alarm bells.

You can also look at the country of origin to see it’s a country you usually get email from. Tools such as DNSstuff.com (for DNS information) and CountryCodes.info (for information on country codes) are useful for this.

3) Sense of urgency

Most phishing attempts write about a sense of urgency in clicking a link to complete some sort of action. If your account is ever is compromised and you get email notification of this, we recommend logging a ticket on that company’s website or preferably calling the tech support line.

The same applies to phone calls. If you get a call from someone claiming to be your bank, it’s important not to disclose any personal information. They called you so they should have all of your details without needed to ask you. If ever in doubt, we suggest to thank the caller for contacting you and say that you will call them right back via the banks direct phone number. That way you can verify your speaking with a legitimate employee.

In summary, anyone can quickly and easily tell if a message is a phishing attempt regardless of how legitimate it looks. Any account that is linked to online finance, online shopping or webmail/social networks should be subject to scrutiny. Ideally, you should apply these three easy tips to all email you receive before you click on any links. It’s better to be safe than sorry.

A good email provider and/or anti virus package can also help a great deal with phishing email. Make sure you know how to use these systems to their fullest advantage.

There is no such thing as absolute security, so make sure you have regular backups and apply updates early and often. But what if a site you’re responsible for has been hacked? Even after you clean up the damage it’s always a good idea to check to make sure that your site hasn’t been blacklisted.

If your IP address or domain has been blacklisted it could affect your ability to send email and/or appear on the search engine results pages. A quick search will yield dozens of tools that can help you with this. This article should at least help get you get started.

Since a compromised server could have been used to send spam email, distribute malware or host/post webspam it’s worth checking the DNS-based (DNSBL) blacklist providers, as well as search engines.

To check if your mail server has been blacklisted, MXToolbox has a great feature along with many other useful tools for mail troubleshooting.

• http://www.mxtoolbox.com/blacklists.aspx
• http://whatismyipaddress.com/blacklist-check

To check if your website or domain is blacklisted in Google, the following tool should help:

• http://onlinealley.com/seotools/googlebannedchecker/

Sites can get blacklisted for a variety of reasons, so if it happens to you all is not lost.

If you’re interested in giving your iPhone and iPad users a nice shiny (or even not-so-shiny!) icon when they add your page to their home screen, this article is for you.

The shiny icons you see when you save a web page to your home screen is called a Web Clip Icon.

To add an icon for Safari on iOS all you need to do is add a PNG image called apple-touch-icon.png to your web root. This is similar to how favicon’s work. If you’d prefer to not have the glossy effect applied to your icon, simply call the file apple-touch-icon-precomposed.png and it will display as is.

Alternatively you can specify an icon by using the following:

<link rel=”apple-touch-icon” href=”/custom_icon.png”/>

If you’d like to create high resolution icons for each iOS device, you can individually target each device like so:

<link rel=”apple-touch-icon” href=”touch-icon-iphone.png” />
<link rel=”apple-touch-icon” sizes=”72×72″ href=”touch-icon-ipad.png” />
<link rel=”apple-touch-icon” sizes=”114×114″ href=”touch-icon-iphone4.png” />

For more information visit the Safari Developer Library at http://goo.gl/I79Ey, you can also get a detailed list of all of the available image metrics and examples at http://goo.gl/CAwnh.

If you have any spare IT gear laying around gathering dust, donate it to the Queensland Floods IT Relief Programme.

Currently the only drop off point is at 17/160 Lytton Road, Morningside in Brisbane but points in other states should be listed shortly.

If you run Nagios and are interested in displaying your statuses on a large screen, CoffeeSaint may be worth looking at. I haven’t tried it yet, but will be taking a look in the near future.

CoffeeSaint is a fully customizable Nagios status viewer. It grabs the status from a Nagios server and displays it in a fullscreen GUI. CoffeeSaint is compatible with Nagios version 1, 2, 3 and xi (and Groundwork).

The main features of CoffeeSaint are:

* Can display an image on the background (this can also be a URL)
* Remotely configurable via built-in webserver
* Handles all Nagios versions
* Can retrieve Nagios statuses remotely
* Can play a sound if the status goes to error
* Written in Java so should run on all systems (linux, microsoft windows, apple mac)
* Font/font size/background color/number of rows displayed are configurable
* Uses “least squares estimate” to predict error count
* Can show the status of multiple Nagios servers in one screen
* Sort-order fully configurable
* Can run in fullscreen mode – can also span multiple screens
* Can prioritize configurable hosts/services (using regular expression patterns)
* Can filter hosts/services
* Sparklines with performance data (plugin data as gathered by Nagios) and latency data

CoffeeSaint has been tested with a setup of 800 hosts and 5600 services.

Visit http://vanheusden.com/java/CoffeeSaint/ for more information.

A while ago I came across twill whilst working on a testing project and thought others may also be interested. twill is essentially an open source web testing tool written in Python. twill allows you to browse the Web from a command line interface. twill supports cookies, forms and most common interactions.

Below is an example of a simple Google search, taken from their example page:

setlocal query "twill Python"
go http://www.google.com/
fv 1 q $query
submit btnI # use the "I'm feeling lucky" button
show

For more information visit http://twill.idyll.org.

If you can afford to do so, please donate generously to the victims of the Victorian bushfires.

OurCommunity has several options for donating.

www.ourcommunity.com.au/bushfirehelp

Thanks to everyone that came along tonight to hear my talk on Google Mapplets at the Adobe User Group. The discussion went beyond Google Maps and Mapplets, but also included Street View and other mashups and location based services. For those who are unfamiliar with Google Mapplets, they are small applications that run within Google Maps. Mapplets build upon and extend the standard functionality of Google Maps and are already being used to create some very interesting mashups. For example, you can overlay several published Mapplets from the Google Mapplet directory to get a combined view of several overlays.

Mapplets are essentially Google Gadgets (which are iGoogle widgets) that interface with the standard Google Maps API. They are hosted on Google’s servers, as opposed to a typical Google Maps application running on your server.

Mapplets provide exposure to existing mapping applications via the Google Mapplet directory, but more importantly by being used in conjunction with another Mapplet (or Mapplets) in a way that the original creator would have never thought of. If you’re working with any mapping project, I definitely encourage looking into Mapplets.

For more information visit http://code.google.com/apis/maps/documentation/mapplets/, Google provides lots of good documentation on this topic.

The 2008 SAGE-AU Victorian IT Symposium is a one day technical conference held in Melbourne. It is organised by the SAGE-AU Victorian Chapter and aims to provide an educational forum for systems and network administrators, system managers, developers and other technical professionals to meet and share their knowledge and experiences. This is the fifth year running for this event, focusing on a providing a fast paced stream of technical presentations.

Register:
* Early bird registrations until 16th May 2008 (this week!)
* Register online at: http://www.sage-au.org.au

Location:
Hotel Grand Chancellor
131 Lonsdale Street
Melbourne

When:
Friday 30th May 2008, 9am – 5pm

Programme:
* Evolution of Storage – Cameron Huysmans (Total RISC Technology)
* EMC Next Generation Products – Shane Moore (EMC)
* Routing and Security Platforms – Lachlan Kidd (Cisco)
* Life-cycle Management of Red Hat Enterprise Linux – Michael Wahren (Red Hat)
* Apple Technology Update – Joseph Cox (Apple)
* An Illustrated History of Software Failure – Paul Fenwick (Perl Training Australia)

The 2008 SAGE-AU Victorian IT Symposium is proudly supported by our Gold Sponsors Red Hat, EMC Corporation and Total RISC Technology.

You can find out more details at: http://www.sage-au.org.au

I went along to the first Melbourne Flex User Group meeting tonight, OzFlex. I must say it was exciting to see the enthusiasm of some of the local developers in building a community that focuses on RIA. The presentation by Matt Johnston walked through a simple AIR application highlighting the native menus and the file system API. If you’re working with Flex and interested in presenting, get in touch with Matt.