Saturday, June 27, 2009

Phishing: Examples and prevention methods

Phishing, this word is quite new to me and it sounds like fishing! Phishing is defined by Webopedia as the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.


EXAMPLES
One example would be if you received an e-mail that appears to be from your bank requesting that you click a hyperlink in the e-mail and verify your online banking information. Usually there will be a repercussion stated in the e-mail for not following the link, such as "your account will be closed or suspended". The goal of the sender is for you to disclose personal and account-related information. This type of e-mail scam is also called phishing.

Let me show another example of what a phishing scam e-mail message might look like.


Example of a phishing e-mail message, including a deceptive URL address linking to a scam website. To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site.
These copycat sites are also called "spoofed" Web sites. Once you're at one of these spoofed sites, you might unwittingly send personal information to the con artists.

PREVENTION STEPS!
After much study of examples and articles on phishing, this kind of fraud can be considered a dangerous online activity because it usually targets banks or other financial organizations, which can allow the attackers to earn a considerable amount of money. Therefore, we need to be aware of this kind of fraud and must be able to identify it before we get into trouble. So, here are some prevention tips to help you avoid getting “fished”!

1. Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser: phishers can make links look like they go to one place when they actually send you to a different site.

2. Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.

3. Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.

4. Don't email personal or financial information.

5. Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.

6. Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

7. Forward phishing emails to spam@uce.gov – and to the company, bank, or organization impersonated in the phishing email. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

8. If you've been scammed, visit the Federal Trade Commission's Identity Theft website at ftc.gov/idtheft