By Richard Okolo
Email has become the communication standard on the Internet. Individuals and corporations alike periodically send out legitimate notices to inform their readers of pertinent information. But every so often you may receive an e-mail in your account which may ask you for personal and/or financial information. Other than being standard spam email, you may have received a phishing email.
Phishing (fish´ing) (n.) can be defined as spam e-mail made to look like it is actual corporate documentation. Phishing scams try to “fish” information from unsuspecting e-mail users because they look real. They trick consumers into submitting personal information by responding to spam that looks like it is from a legitimate source (e.g. your bank or an e-commerce site) by including company logos and verified web links.
This e-mail directs the user to visit a website where they are asked to update personal information (e.g. your name, address, phone number, date of birth, social security number(s), credit card and bank account numbers, personal information, etc) that legitimate businesses already have. These types of websites are bogus and are created solely to steal the unsuspecting user’s information. Unknowingly, by providing this kind of information to “phishers”, consumers place themselves at great risk for identity theft.
The concept of phishing incorporates the methodology behind actual fishing. This involves “bait” being thrown out with the hopes that while most will ignore the bait, some will be tempted into biting. By sending out spam e-mail to large groups, the “phisher” hopes the e-mail is read by a high percentage of people, increasing their chances of more responses.
In recent months, consumers of eBay, PayPal, The Royal Bank of Canada and Citibank have been subjected to phishing schemes. Unfortunately, these attacks are not going away either. Phishing schemes seem to be more common nowadays as more people are online using e-mail. Also, with the increase in e-commerce transactions, people are now more susceptible to becoming victims of identity theft.
How do you avoid being a victim?
There are ways to protect yourself against phishing schemes. Some of them are as follows:
– If you get an e-mail or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Reputable firms do not solicit information via e-mail . If you have concerns, contact the organization directly by phone or in person. Also, be aware of unsolicited phone calls and visit from individuals asking about employees or other internal information. If an unknown individuals claim to be from any legitimate organization, verify his or her identity directly with their stated organization(s).
– Don’t e-mail your personal or financial information. E-mail is not always a secure method of sending information. If you are performing a transaction, look for signs that a website is secure (e.g. the lock icon on your web browser’s status bar or for a website that begins with https: (the “s” indicating security). Malicious websites often look very similar to legitimate ones, but their URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Be aware that some phishers will use forged security icons.
– Make sure you constantly review your credit card and bank account statements as soon as you receive them. This will allow you keep your financial records up to date and determine whether there are any unauthorized charges. If your statement arrives late, call your credit card company or bank to confirm your account information.
– Always use anti-virus software and keep it up to date (purchase an ant-virus program that updates automatically). Anti-virus software scans your computer and protects your PC against malicious files. Be especially aware of executable files (ones ending in the .exe extension). Phishers will often place software in their e-mails that will harm your computer system and/or track your activities online without your consent. Your anti-virus software should recognize current viruses as well as older ones; as well as clean harmful files and reverse their damage.
– Always use a firewall when surfing on the Internet. A firewall helps block communications from unauthorized sources. This is imperative if you have a DSL or broadband connection. Most operating systems have a firewall built into them. You can also purchase firewall software for your computer if you desire.
– Your operating system (e.g. Microsoft Windows or Linux) may offer free software “patches” to close holes in the system that hackers or phishers could exploit. Be sure to download and install these patches at your earliest convenience. For Microsoft users, go to Microsoft Security at http://www.microsoft.com/security/default.mspx and update your PC.
– Finally, be cautious about opening any attachment or downloading any files from e-mails you receive, regardless of who has sent them.
For more information on spam and phishing please visit these sources below:
To report phishing email, forward the email to spam@uce.gov. If you have been scammed, file your grievance with the Federal Trade Commission at www.ftc.gov.
To minimize your risk of identity theft, go to the Federal Trade Commission Identity Theft website at www.consumer.gov/idtheft. Visit www.ftc.gov/spam to learn more about spam and email scams.
For additional information on phishing visit the Anti-Phishing Working Group website at http://www.antiphishing.org/phishing_archive.html.
For additional information on how to avoid email scams, please read the article “How Not To Get Hooked By A Phishing Scam” at http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm
Copyright © 2010 The Nusqu Group. All Rights Reserved.
No Comment
You can post first response comment.