News & Notes from the OpenDNS team

'Security' Posts

Top 2011 holiday phishing scams to watch for

by Allison Rhodes on Dec 20th, 2011

The holidays are upon us, but it’s not all gift giving, tree trimming and eggnog drinking. This is also the time of year when scammers come out in force. While OpenDNS is the single best way to protect yourself and your loved ones from phishing and forgeries, education is key. To complement our great phishing quiz my colleague Erin posted about here, we’ve compiled a list of the most common, and tricky, holiday phishing scams. Brush up, take note and avoid getting duped.

Scam: Air Travel Deals

With so many travelers still scrambling to buy last-minute air tickets, it’s important to be extremely careful when clicking through to an airline’s website from a promotional email. Phishing websites like this one spoofing American Airlines are not legitimate. The URL for this one, www.aa-advantager.com, is the giveaway — even though it’s close to the real domain (www.aa.com).

Scam: Holiday Shopping

If you’re like me, you’re doing most of your holiday shopping online this year. So it’s no surprise that scammers are spoofing websites like eBay (one of the most spoofed brands in phishing scams all year long) and trying to trick shoppers into entering their login credentials. When shopping online, the safest way to get to your destination site is to type its URL directly into your address bar.

Scam: Money Transfers

For better or worse, lots of people skip the gift buying altogether and just give cash. That’s why we’re including money transfer-themed phishes on our list. We can’t stress enough: any time you deal in currency online, be extra careful. The safest way to get to a website is to type its URL straight into your address bar.

Scam: Connect with Loved Ones

No doubt Skype usage increases during the holidays when the revolutionary service is used to see the smiling faces of family members abroad. But we all need to take great caution when phishes this sophisticated exist. Note that while the URL (http://skype.host.org/account/signin_form.php) is very convincing, it’s not the real Skype domain.

No Comments | Filed in General, Holidays, Phishing, PhishTank, Security

DNSCrypt – Critical, fundamental, and about time.

by David Ulevitch, Founder/CEO on Dec 6th, 2011

Today we unveil DNSCrypt, a new security tool we’ve developed that has been on our minds for a long time. It has a simple but important function: encrypt all DNS traffic between you and OpenDNS. Nothing else like it exists, and we have very high expectations for the positive impact it can have on the Internet security and privacy of millions of people around the world.

DNS is a critical part of the Internet’s infrastructure, and though a good deal of attention has been paid to improving its security in recent years with DNSSEC, an important part has been overlooked. It’s what’s often referred to as the “last mile,” or the connection between you and your ISP or your DNS provider, if you use a DNS service like OpenDNS. It’s in this “last mile” that bad things are most likely to happen — snooping, tampering, or even hijacking traffic. Anyone who knows what they’re doing can eavesdrop on your Internet activity and see exactly which domains you are resolving, and in many cases, what websites you’re visiting.

It happens all the time on insecure networks at coffee shops, and even residences. Some ISPs have even been accused of spying on their customers’ activity. What’s worse, the “last mile” is ripe for man-in-the-middle attacks, where an intermediary injects themselves into your traffic path masquerading as your intended destination, but all the while, being able to see and modify your traffic. This leaves little confidence for the Internet user.

DNSCrypt changes this and has the potential to completely revolutionize Internet security. DNS has, unfortunately, always had some inherent weaknesses because it’s transported in plain text. DNSSEC has never attempted to address that (crazy, I know). Encrypting all DNS traffic means a fundamental change to the security of the system on the whole and a strong improvement. It’s not the only solution, and there’s still an important place for verification and validation of domains like DNSSEC provides, but it’s a very strong first step.

We’ve been sharing DNSCrypt with security experts over the past several weeks and the feedback has been phenomenal. A tool like DNSCrypt is critically necessary to ensure the security of DNS going forward. DNSCrypt is a “technology preview” today, and the code is being open-sourced. For the über-nerds, our implementation is the first (known) implementation of the forwarder ideas expressed in the DNSCurve community, which many will recall, we were one of the first to implement.

Download DNSCrypt today and try it for yourself.

28 Comments | Filed in Announcements, DNSCrypt, General, Security

Phishing Quiz v2.0 – Can you spot a phish?

by Erin Symons on Nov 30th, 2011

One of our most important goals at OpenDNS is educating people on Internet dangers so they can make informed choices on how to best manage their networks. Last week we released a phishing quiz, hoping we could show people just how difficult it is to spot the difference between a phishing site and the real website.

The quiz was designed to be difficult, but our users were hoping for something more than a challenge. The comments poured in, encouraging us to create a powerful educational tool that you could use to help teach people how to avoid getting phished.

You had our attention. Many of you, who know that cyber criminals can create exact replicas of real sites by simply copying the image and hosting it at a different domain, were frustrated that the quiz didn’t include URLs. Others, hoping to use the quiz to teach friends and family about the dangers of phishing, asked us to create something that showed why seemingly legit sites were actually phishes.

So, we incorporated your feedback into a new version of the quiz. We hope you’ll find this to be a useful tool to help people learn the dangers of phishing, and how to avoid them. As always, the easiest way to avoid getting phished is to use OpenDNS. That’s because OpenDNS runs PhishTank, the world’s largest community-powered online clearinghouse for phishing, and uses it to automatically block phishing sites for all OpenDNS users.

Take the quiz now!

13 Comments | Filed in Announcements, Awesomeness, General, Phishing, PhishTank, Security

It’s a story we’ve heard time and again. Public school budgets are smaller than ever, and the funds devoted to improving technology (and security) get cut in half, and then cut in half again. Network administrators at schools are forced to piece together legacy hardware and out-of-date software with some clever work-arounds in order to keep kids protected from malware, phishing and unsafe content.

Unfortunately, this often results in security loopholes and inconsistent filtering policies for kids (who are usually tech smart enough to figure out how to get around them) and a whole heck of a lot of work for network administrators.

OpenDNS is changing all that. With OpenDNS, schools can turn filtering and malware protection into cost-savings initiatives instead of cost centers, and they can ensure that protection is universal across an unlimited number of locations. And this isn’t just speculation on our part – we shared a new milestone this morning that proves it’s reality. We announced that 90 percent of public K-12 schools in Maine are using OpenDNS. For us, it’s a huge honor and privilege to be given the responsibility of protecting nearly every kid in Maine. But for the state of Maine, it’s a lot more.

We tip our hat to Maine for being on the cutting-edge of technological innovation, lifting the burden of appliance management and limiting the dangers of security loopholes. And we send a very big congratulations to the team at Networkmaine, the organization that operates and maintains all network infrastructure for Maine’s K-12 schools and libraries, who identified that using OpenDNS would not only allow the state of Maine to significantly improve the security it uses to protect kids, but that universal deployment would put them at the forefront of keeping kids safe online.

Last year we announced that 1 in 3 public K-12 schools in the U.S. were using OpenDNS, and although we celebrated the milestone, we went to work right away to make OpenDNS the choice of all schools. We added the academic fraud category for content filtering and created the K-12 forums in our community section. And we’re not done yet. If you have ideas for how to make OpenDNS better for schools, tell us what you need. David and our engineers are closely monitoring the IdeaBank, where you can share suggestions for product improvements, and we’re always listening at Success@OpenDNS.com.

No Comments | Filed in Announcements, Awesomeness, Enterprise, Milestones, OpenDNS at school, Security

Five Questions with an OpenDNS user: Thomas Mitchell

by Erin Symons on Oct 10th, 2011

Editor’s note: October is National Cybersecurity Awareness Month here in the U.S. so we’re catching up with Thomas Mitchell, a Managed Service Provider who deploys OpenDNS Enterprise on nearly all the networks he manages, for a few tips on improving Web security and avoiding costly IT disasters.

OpenDNS: You work as an OpenDNS ambassador of sorts, recommending and installing it for your customers. Why did you choose OpenDNS over competitors?
TM: I discovered OpenDNS because I was looking for a way to keep my family safe online. After further exploring OpenDNS business solutions, I realized it was ideal for many of my clients. Appliance-based systems are costly to set up and maintain. We had experimented with proxy-based web filtering, but that brought other issues. And the last thing we wanted to do was roll out software to end user devices because we’re now seeing a myriad of smart phones and tablets in addition to desktops and laptops. OpenDNS was quick to set up, easy to maintain and a single dashboard allows us to look after all our clients from the same place. It really was a simple decision and one we would make again.

OpenDNS: You must inherit disasters of all sorts. What’s the ugliest thing you’ve seen?
TM: We recently took on a new client and all the users on their network were complaining of performance problems and other random issues. The network had over 200 viruses and a ton of malware. This was mostly because there wasn’t a comprehensive preventative security strategy in place. As expected, when we put proper precautions in place, including OpenDNS, there was an immediate improvement.

OpenDNS: What’s the best tip you can offer to computer and Internet users for avoiding costly IT repairs?
TM: Security. If you make sure your machine is patched with the latest updates for your software and a current anti-virus installed, and add OpenDNS to the mix, you’ll find most problems are prevented in the first place. Beyond that, I’d advise not to install applications or free software that you don’t need.

OpenDNS: What about a tip for small businesses who can’t afford an in-house IT person?
TM: Find a local IT support company that offers proactive, unlimited support. This way you get the benefit of having a whole team of specialists to look after your IT. Just make sure the service is unlimited. That way your IT support team is motivated to prevent issues rather than wait and charge by the hour for fixing the inevitable.

OpenDNS: What’s one thing people should do before picking up the phone to call their IT guy when they think there’s an issue?
TM: Turn it off and on again. It probably seems too simple to work, but you’d be amazed the amount of people who call us with problems that a simple reboot would fix. Going beyond that, a search in Google often finds a solution in no time at all. Just remember to be specific in your search, type in the exact error you are seeing. The odds are someone will have seen it, and fixed it before.

Thomas Mitchell runs TechSolvers, an IT and Managed Services support consultancy in the UK. Want to answer five questions for OpenDNS like Thomas? Email your OpenDNS success story to Success@OpenDNS.com.

Attention Managed Service Providers: OpenDNS can protect your clients, too. Click here to learn more.

No Comments | Filed in Five Questions, General, OpenDNS for Managed Service Providers, Security

One of the many reasons more than 30 million people around the world choose OpenDNS is a feature called automatic typo correction.  It works by automatically redirecting common typos in top-level domains (.com, .net, .edu, etc.) to the right place, so if you type www.google.cmo, and that domain doesn’t exist, we just automatically take you to www.google.com.

Although this feature helps with a tremendous amount of typing mistakes and enables people to stay on-course online, an increasingly popular phenomenon called typosquatting means there are still typos we can’t fix, some of which are much more precarious than a dead end.  Typosquatting is what happens when someone registers a domain that’s nearly identical to that of a popular brand: Twtter.com and Twitter.com, for example. It banks on the idea that a fast-fingered typist may not notice that she’s arrived at the unintended site due to an omitted “i”. And since the typo exists in a real, registered domain, we don’t interfere.

Twtter.com is a particularly tricky example. In the case of this site, the typo — an omitted “i” — might not even be apparent at first glance.  The people who run this site are clearly trying to capture typo traffic destined for Twitter.com.  And regardless of the fact that the site has a URL redirect (the domain in the address bar changes after the site has been resolved), the blatant use of Twitter’s well-known design themes proves the site is aiming to fool people into thinking it’s the real website of Twitter.

Typosquatting is not new, but this sort of high-polish, branded version seems to be on the rise.  In the case of Twtter.com, the Twitter.com imposter, the site’s entire function is to get your contact information. A very appealing offer is presented to answer two survey questions and get what is, by all accounts, an awesome prize: an iPad2. It’s unclear what will happen with your personal information once it’s in the wrong hands — it could range anywhere from being used to send SMSs to your cell phone that you get charged for to simply selling your email address.

As with any online threat, protecting yourself and those people using the networks you manage starts with education.  Here are three tips for outsmarting typosquatting:

1. Use OpenDNS:  It’s the only service that will automatically correct common typos in TLDs, and help ensure you end up at the website you want.  OpenDNS solves a large portion of the problem, and also automatically blocks phishing websites.

2. Watch the address bar:  Legit websites rarely do redirections like Twtter.com does.  Keep an eye on what the site is doing and note suspicious redirects.  Also simply note the URL of the website you’re visiting after you’ve been taken there. Is the site the one you wanted? Did you make a typo?

3. Don’t share your personal information:  If a website offers you a chance to win a prize, simply for providing personal information or taking a survey, be skeptical.  You should never share your personal information online unless you’re on an extremely trusted website.

For businesses, schools and households alike, online safety is of the utmost importance. And it’s all about education.  Know what to look for and you can outsmart much of the bad stuff.  And use OpenDNS and tell others to do the same.

We’d love to hear your thoughts:  We’re considering an opt-in service that would let people avoid these kinds of unintended redirections.  Even in cases like that of Twtter.com, where technically it’s a real, registered website.  What do you think?  Would you use such a service?
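An added example, not OpenDNS code: a sketch of the distinctions drawn in this post and in the holiday phishing post above, separating a mistyped TLD (safe to correct) from a registered near-miss name and from a brand name placed in a subdomain or hyphenated name. The brand list, the TLD set (standing in for "that domain doesn't exist") and the "last two labels" rule for the registrable domain are assumptions made for illustration.

```python
from typing import Optional, Tuple
from urllib.parse import urlsplit

# Constructed for illustration: a short brand list and a tiny TLD set.
BRANDS = ("aa.com", "ebay.com", "google.com", "skype.com", "twitter.com")
KNOWN_TLDS = {"com", "net", "org", "edu"}
MIN_FUZZY_LEN = 4  # no edit-distance matching for very short names like "aa"


def osa_distance(a: str, b: str) -> int:
    """Edit distance where insert, delete, substitute and adjacent swap cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def hostname_of(value: str) -> str:
    """Accept a bare hostname or a full URL; return the lowercase hostname."""
    if "://" not in value:
        value = "//" + value
    return (urlsplit(value).hostname or "").rstrip(".")


def classify(value: str) -> Tuple[str, Optional[str]]:
    """Return (verdict, brand domain the host resembles or None)."""
    labels = hostname_of(value).split(".")
    if len(labels) < 2:
        return ("no_match", None)
    # Assumption: registrable domain = last two labels. That is wrong for
    # suffixes such as .co.uk; real code should use the Public Suffix List.
    subdomains, name, tld = labels[:-2], labels[-2], labels[-1]
    if f"{name}.{tld}" in BRANDS:
        return ("exact", f"{name}.{tld}")
    brands = [b.split(".") for b in BRANDS]
    # 1. Right name, TLD that is not real and one edit from the brand's TLD
    #    (google.cmo): nothing is registered there, so correcting is safe.
    for b_name, b_tld in brands:
        if name == b_name and tld not in KNOWN_TLDS and osa_distance(tld, b_tld) == 1:
            return ("tld_typo", f"{b_name}.{b_tld}")
    # 2. Real TLD, name one edit from a brand (twtter.com): a registered
    #    lookalike that TLD correction will not touch.
    for b_name, b_tld in brands:
        if (tld in KNOWN_TLDS and len(b_name) >= MIN_FUZZY_LEN
                and osa_distance(name, b_name) == 1):
            return ("typosquat", f"{b_name}.{b_tld}")
    # 3. Brand used as a subdomain label or as a hyphen-separated token of
    #    someone else's registrable domain.
    for b_name, b_tld in brands:
        if b_name in subdomains:
            return ("brand_in_subdomain", f"{b_name}.{b_tld}")
        if b_name in name.split("-"):
            return ("brand_in_name", f"{b_name}.{b_tld}")
    return ("no_match", None)


if __name__ == "__main__":
    # Hostnames and URLs quoted in the posts on this page.
    for sample in ("www.google.cmo", "Twtter.com", "www.aa-advantager.com",
                   "http://skype.host.org/account/signin_form.php", "www.aa.com"):
        print(f"{sample:50} {classify(sample)}")
```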

29 Comments | Filed in General, privacy, Security, Twitter, Typos, Typosquatting

ISPs hijacking search keywords using DNS?

by David Ulevitch, Founder/CEO on Aug 10th, 2011

For the past several months Christian Kreibich and Nicholas Weaver over at the International Computer Science Institute in Berkeley, California, have been tracking a laundry list of ISPs to confirm what they thought to be true: that the ISPs are intercepting customers’ search queries and surreptitiously redirecting them to advertiser or affiliate links. What’s being alleged is that when the ISP customer types something into his or her own browser address bar, instead of making a DNS request or sending the traffic to the browser-configured search provider, the ISP decides which page the customer is taken to and just sends them there. Last week New Scientist magazine broke the story about the findings and caused a stir across the Internet, which has also prompted Congress to take a look, potentially calling some of these ISPs and bad actors in front of the new Congressional Subcommittee on Privacy, Technology and the Law.

Keyword redirection is something new we’ve not seen before, and it’s particularly pernicious, but the practice of ISPs somehow trying to shake more nickels out of their customers is certainly not new. It’s happened before here and here. There are some technical similarities to what we do and what these ISPs are doing, though our methods and motives could not be more different. One of the most important differences relates to choice — everyone chooses to use OpenDNS but most people, if they are lucky enough to have access to broadband at all, only have one choice of ISP.

Our goal at OpenDNS is to help protect people from exactly this kind of security and privacy violation, be it from a malicious hacker or even your ISP. In fact, one of the great ironies in this saga is that while we have never done the things the ISPs are being accused of, we did pioneer some of the techniques that ISPs are using to accomplish this redirection. That doesn’t make us very happy.

Everything we do at OpenDNS has been with our users’ best interests in mind. We’ve always operated an opt-in service with the sole aim of making you thrilled about using it. Using OpenDNS provides you a healthy level of insulation and privacy between you and your ISP. In the case of the newly-found keyword redirection, switching to OpenDNS empowers you to regain control over your address bar. With OpenDNS enabled, the ISP-controlled keyword redirection stops happening and your address bar searches go back to taking you where you want them to.

I fear the keyword redirection the ISPs are being accused of doing is only the beginning, as we’re seeing more and more evidence of ISPs doing things (that most would agree) they shouldn’t be doing. Even if you use OpenDNS and the ISP keyword redirection fails, it’s unclear whether ISPs are still able to sniff your traffic and create a profile about your Internet use – a blatant privacy offense. The idea of anyone, including your ISP, spying on your traffic raises serious security and privacy concerns.  We fully intend to follow this closely and continue to help you do something about it.

You can be sure we will respond by delivering even stronger solutions that protect your security, privacy and ability to use the Internet unencumbered anywhere in the world, on any device, at any time.

11 Comments | Filed in Announcements, Awesomeness, General, government, ISPs, Security

iPhones, iPads and Androids; an IT coming of age story

by David Ulevitch, Founder/CEO on Jul 12th, 2011

I talk to our customers often, and lately I’ve been hearing that they are seeing more and more diversity in the types of devices connecting to their network. More importantly, these devices are not being provisioned by the IT folks, but are being brought in by the employees. iPads, iPhones, Droids, Tablets and others are connecting into the enterprise network. Unlike a decade ago where IT could easily say no to an unmanaged device, it’s harder today when everyone wants to use one, including your CEO.

As the IT guy or gal, it’s your job to both protect the network and make it accessible, two roles often at odds. I’ve discovered that many of you are using OpenDNS to provide malware and botnet protection, along with all our other services, to help protect these devices. Since our service lives in the network, it doesn’t require any on-device client software and we don’t care if you’re running iOS 4.3 or 5.0 — or Android Froyo or Gingerbread. Our protection is device agnostic.

It turns out though, we aren’t the only ones seeing this trend. Analyst firm IDC published a study this week on this exact topic, the consumerization of IT. They note that employees are increasingly using laptops, smartphones and tablets to get work done.

In addition, increasingly those employees are working in coffee shops, on airplanes, even while traveling in cars (as passengers, of course). Traditional security appliances and services weren’t designed for this. It’s an IT problem for companies, which means it becomes a problem for network admins, everywhere.

I am interested in these kinds of studies because I know that OpenDNS is a solution.

For those new to our service, OpenDNS provides a simple malware blocking service that’s more powerful than anything else available. By simply pointing to our IPs and configuring your settings in our web-based dashboard, you can immediately protect your network.

Back to the study. Some impactful, but not altogether surprising, stats:

  • 83% of IT people called “Security Concerns” the greatest barrier to actually enabling employees to use mobile devices for work. (Even though they’re clearly already using them.)
  • 40% of devices used to access business applications are personally owned in 2011, up from 30% in 2010.
  • Only 50% of employees reported their desktop PC as the most critical business device in 2010. Even fewer, only 35%, expect it to be in 2012.
  • 74% of IT people consider employee-provided tablets as a security threat.
  • 80% of IT people described security as an “Urgent” concern.

Lastly, Stacey Higginbotham over at GigaOm published a neat infographic of the major stats from this study. If you are the IT hero in your office, it makes for some sobering reading, and if you aren’t, you might want to point your IT staff over to take a look.

What do you think?

5 Comments | Filed in Awesomeness, Enterprise, General, Security
