Billy Florence - Phishing: Don't Get Caught
The internet - Love it or hate it; it's here to stay. Undoubtedly one of the most useful things to emerge from it has been the communication revolution that is electronic mail. It's easy, fast, and ever so convenient. However, somewhat frighteningly, it also provides criminals with an opportunity to steal your savings or identity without you having any clue what is happening.
Phishing is a highly advanced, online form of fraud. Phishers, perpetrators of phishing, use email to request highly sensitive information such as; credit card details, social security number, passwords and much more. You are probably thinking; 'only an idiot would hand out such information to a complete stranger, right?' Wrong. Phishers are highly skilled at what they do and with the advent of online banking and other such services it can be extremely easy to be duped into giving out your details to the wrong person. Indeed, it is more and more commonly very computer/internet-literate people that fall prey to these criminals. Moreover, it's not only people that bank online that are at risk, users of eBay, PayPal, Amazon, MySpace, and many other such sites are also specifically targeted.
Phishers prey on deception and ignorance. This is actually a good thing because it means that by our common endeavor, we can fight back. To this end, it is important that you know exactly what can be done to reduce your risk of becoming a victim. Firstly, never trust the sender's email address or domain name to be accurate, this can easily be faked or made to look extremely similar to the address of a site/business you know/trust. Secondly, remember that nothing you send via email is secure; always assume that the email you are sending could be intercepted by some unknown third party. If you assume the worst then you will not risk sending anything confidential through email - would you go out onto a busy street and shout out your bank account details? Of course not, but by sending them via email, you could potentially be doing something very similar. Perhaps the most important 'take-home' message in this article is that you must never trust a link to a web site provided by an email. This is due to the existence of mirror sites. Phishers are known to create websites that look very similar to the log-in pages of other websites (e.g. eBay, bank of America, earthlink). However, if you enter you details into the fields provided by the scamster, they will be sent directly to the phisher, who will now have full access to your account.
To avoid the trick and lower the risk, always type the address of the site you want to visit directly into the address bar of whatever browser you use. Also, look for the presence of a little 'lock' image in the status bar of your browser, this tells you that site is recognized as secure.
If you do suspect that you have fallen victim to a phisher's trap, log onto your account and change your password immediately - be sure to use a different computer than the one you were using originally or at least have the original computer thoroughly scanned (though this could be too time consuming). This is important as the phisher may have installed spyware onto your computer that would track any future password changes. If you find you cannot access your account, this is probably because the phisher has used his/her access to change the password. In such circumstances contact the company concerned directly and have them close/suspend your account until the issue can be resolved. Remember, you should change your passwords on a regular basis, whether you feel they have been divulged or not.
What are online businesses doing to protect their customers from fraud? There is currently a lot of effort going into minimizing the phishing threat to customers. For example, eBay asks that customers forward any apparently fraudulent mail to them so that it may be investigated by their team of experts. Many other companies with an online presence offer a similar service. Hopefully, together, we can reduce the number of people caught by the phishers' bait.
© 2007 Florence News reprint permission to Billy Florence Team Dream Chasers site.
Phishing is a highly advanced, online form of fraud. Phishers, perpetrators of phishing, use email to request highly sensitive information such as; credit card details, social security number, passwords and much more. You are probably thinking; 'only an idiot would hand out such information to a complete stranger, right?' Wrong. Phishers are highly skilled at what they do and with the advent of online banking and other such services it can be extremely easy to be duped into giving out your details to the wrong person. Indeed, it is more and more commonly very computer/internet-literate people that fall prey to these criminals. Moreover, it's not only people that bank online that are at risk, users of eBay, PayPal, Amazon, MySpace, and many other such sites are also specifically targeted.
Phishers prey on deception and ignorance. This is actually a good thing because it means that by our common endeavor, we can fight back. To this end, it is important that you know exactly what can be done to reduce your risk of becoming a victim. Firstly, never trust the sender's email address or domain name to be accurate, this can easily be faked or made to look extremely similar to the address of a site/business you know/trust. Secondly, remember that nothing you send via email is secure; always assume that the email you are sending could be intercepted by some unknown third party. If you assume the worst then you will not risk sending anything confidential through email - would you go out onto a busy street and shout out your bank account details? Of course not, but by sending them via email, you could potentially be doing something very similar. Perhaps the most important 'take-home' message in this article is that you must never trust a link to a web site provided by an email. This is due to the existence of mirror sites. Phishers are known to create websites that look very similar to the log-in pages of other websites (e.g. eBay, bank of America, earthlink). However, if you enter you details into the fields provided by the scamster, they will be sent directly to the phisher, who will now have full access to your account.
To avoid the trick and lower the risk, always type the address of the site you want to visit directly into the address bar of whatever browser you use. Also, look for the presence of a little 'lock' image in the status bar of your browser, this tells you that site is recognized as secure.
If you do suspect that you have fallen victim to a phisher's trap, log onto your account and change your password immediately - be sure to use a different computer than the one you were using originally or at least have the original computer thoroughly scanned (though this could be too time consuming). This is important as the phisher may have installed spyware onto your computer that would track any future password changes. If you find you cannot access your account, this is probably because the phisher has used his/her access to change the password. In such circumstances contact the company concerned directly and have them close/suspend your account until the issue can be resolved. Remember, you should change your passwords on a regular basis, whether you feel they have been divulged or not.
What are online businesses doing to protect their customers from fraud? There is currently a lot of effort going into minimizing the phishing threat to customers. For example, eBay asks that customers forward any apparently fraudulent mail to them so that it may be investigated by their team of experts. Many other companies with an online presence offer a similar service. Hopefully, together, we can reduce the number of people caught by the phishers' bait.
© 2007 Florence News reprint permission to Billy Florence Team Dream Chasers site.
Labels: Billy Florence
posted by Billy Florence at
10:37 AM
