Let’s say I know the correct address of my bank and I log in the first time I use my account. Once logged in, I click on a random link within the bank’s web site, and make sure that the next page is an https page and the security lock is present. If I bookmark this page, and use only the bookmark as my means of accessing the web site, is there any possibility I can be phished?
“Any possibility” is kind of a strong statement, but in general the approach you describe is sound and something I’d feel safe doing myself. In fact, by virtue of using a password safe such as Roboform, it’s pretty much exactly what I am doing.

There are still ways you can be compromised, though, so it’s worth looking at exactly what a phishing attack is, how you can prevent phishing, and what else can go wrong.
In the broad sense, phishing is just an attempt to get you to click on a link in email that claims to lead to one place but in fact leads somewhere else. If you do click through a phishing link, the destination site may well look like what you expected, but if you look closely at the domain in the address bar you’ll typically see that it’s not what you intended at all. Enter, say, your user name and password, and you’ve just handed them to a phisher.
The conventional advice is to never click on links in email for sensitive sites, but rather always type them in by hand.
Using a bookmark of some sort is an acceptable approach as well: you’re going to a site/page/URL that you know is correct, because you saved it earlier from a known safe visit to that site. Use that, and it’s pretty much the same as having typed it in by hand.

In either case, you’ll have sidestepped the phishing attempt simply by not clicking on a questionable link in email or on some other site, but instead entering the address yourself.
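As an added example (not part of the original article), here is a small Python check that does the two verifications described above, an https page and a domain that is really the bank’s, against a hostname you saved from a known-good visit. The hostname, the watch for subdomains, and the sample URLs are constructed placeholders, not real sites.

```python
from typing import Tuple
from urllib.parse import urlsplit

# Hypothetical bank hostname, as saved in a bookmark from a known-good visit.
EXPECTED_HOST = "www.mybank.example"


def host_matches(actual: str, expected: str) -> bool:
    """True only for the expected host itself or one of its subdomains.

    Comparing whole labels matters: a naive substring test would accept
    'www.mybank.example.something-else.example', where the bank's name is
    merely the first part of a completely different domain.
    """
    actual = actual.lower().rstrip(".")
    expected = expected.lower().rstrip(".")
    return actual == expected or actual.endswith("." + expected)


def check_destination(url: str, expected_host: str = EXPECTED_HOST) -> Tuple[bool, str]:
    """Decide whether a page is the one you meant to sign in to.

    Returns (ok, reason). Mirrors the two manual checks in the text:
    the page must be https, and the domain must really be the bank's.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, f"scheme is {parts.scheme!r}, not https"
    host = parts.hostname or ""  # hostname excludes any port and any user@ prefix
    if not host_matches(host, expected_host):
        return False, f"host {host!r} is not {expected_host!r} or a subdomain of it"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample URLs: one genuine, the rest wrong in one way each.
    for sample in (
        "https://www.mybank.example/accounts",
        "http://www.mybank.example/accounts",
        "https://www.mybank.example.login-verify.example/",
        "https://mybank-example.example/",
    ):
        ok, reason = check_destination(sample)
        print(("OK " if ok else "BAD"), sample, "-", reason)
```

The comparison is done on `urlsplit(...).hostname` rather than on the raw address string, so a port number or anything placed before an `@` cannot disguise which host the browser would actually connect to.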
However, in theory, things could still be compromised in other ways.
As one example: a virus infecting your machine could alter your bookmarks. Use the bookmark you thought was for your bank, and you might get taken to a phishing site. For the record, I’ve not heard of any virus that actually does this, probably because once you’ve been infected there are simpler approaches to redirecting you to a phishing site.
That simpler approach is to modify your “hosts” file, and it is a fairly common approach some viruses take. The hosts file maps domain names to IP addresses and is consulted before DNS, so entries added there act as “overrides”, if you will, that allow the attacker to redirect the actual domains of banks, anti-virus vendors, and more to servers of their own choosing. When this happens, “paypal.com” may not actually take you to PayPal, but to a malicious web site posing as PayPal.

Using a bookmark in this case doesn’t save you, but then neither does typing in a URL by hand. If the malware has hijacked the very meaning of “paypal.com” on your machine, then there’s little you can do about it.

The good news is that because this is a common attack by malware, most good anti-malware software will protect you from it.

It also illustrates once again why prevention is so important: not just through anti-malware software, but by learning good internet safety habits.
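The following Python audit is an added example, not from the original article. It reads hosts-file text (a constructed sample here; on a real machine the file is /etc/hosts on Unix-like systems and C:\Windows\System32\drivers\etc\hosts on Windows) and flags any entry that points a public hostname at a non-loopback address, ranking hits on a hypothetical watchlist of your own bank and payment domains as high severity. Loopback and 0.0.0.0 targets are the normal, harmless cases, so they are skipped.

```python
import ipaddress
from typing import List, Tuple

# Constructed sample hosts-file content (not taken from any real machine).
SAMPLE_HOSTS = """\
# Constructed sample for illustration
127.0.0.1       localhost
::1             localhost ip6-localhost
0.0.0.0         ads.example.net            # blackhole entry: harmless
192.0.2.10      paypal.com www.paypal.com  # override to a non-local address
198.51.100.7    update.antivirus-vendor.example
"""

# Hypothetical watchlist: domains whose redirection would matter most to this user.
WATCHLIST = {"paypal.com", "www.paypal.com", "www.mybank.example"}


def parse_hosts(text: str) -> List[Tuple[str, str]]:
    """Return (ip, hostname) pairs, ignoring comments and blank lines.

    A single hosts line may name several hostnames for one address, so
    each name becomes its own pair.
    """
    pairs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        ip, names = fields[0], fields[1:]
        for name in names:
            pairs.append((ip, name.lower()))
    return pairs


def is_benign_target(ip: str) -> bool:
    """Loopback (127.x, ::1) and unspecified (0.0.0.0, ::) targets are expected."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable address: surface it rather than silently skip
    return addr.is_loopback or addr.is_unspecified


def audit_hosts(text: str, watchlist=WATCHLIST) -> List[Tuple[str, str, str]]:
    """Flag entries that send a public hostname to a real address.

    Returns (hostname, ip, severity) tuples: 'high' when the hostname is on
    the watchlist, 'review' for any other non-local override.
    """
    findings = []
    for ip, name in parse_hosts(text):
        if is_benign_target(ip):
            continue
        severity = "high" if name in watchlist else "review"
        findings.append((name, ip, severity))
    return findings


if __name__ == "__main__":
    for name, ip, severity in audit_hosts(SAMPLE_HOSTS):
        print(f"[{severity}] {name} -> {ip}")
```

Running it on the constructed sample reports the two PayPal names as high and the anti-virus update host as needing review, while the localhost and blackhole lines produce nothing. On a real machine, replace `SAMPLE_HOSTS` with the file’s contents and the watchlist with the sites you actually bookmark.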
So absolutely, use the bookmark – I do. But remember that you must continue to rely on the rest of your internet safety strategies as well.