Google
HomeCool SitesGamesGuidesStuff
Start-Guides
phishing

Phishing :  The Hi-Tech Con

By Alan Morris

Today’s internet users need to protect themselves against a variety of security threats. Viruses are still the number one threat but this can be countered with up to date antivirus software. Spy ware is also a continually growing threat and can often cause users more problems as they are less aware of how to protect themselves, but again software like Spybot 1.4 and Windows Defender can provide good protection.

Phishing is a new threat and potentially the most costly. What’s worse is that all three are often combined and used as tools by the new hi-tech criminals.

What is Phishing?

Phishing, (derived from fishing) is the term used for cons or scams where a user is tricked into providing personal information. It’s a form identity theft in which criminals lead users to a fake website and try to glean personal information, user names or passwords.

Usually this is targeted at banking details but is also used as a means to collect other personal information useful in identity theft.

How does Phishing Work?

Most Phishing scams start with an email. Typically an email is sent to possibly millions of users explaining that their bank has had a change of servers and that some account details have been lost. Usually they’ll also try to panic the user by suggesting that their bank account or other service will be closed within the next X days if they do not visit a site to reconfirm their details.

You’re probably thinking ‘nonsense, no one would fall for that’ but unfortunately quite a lot of people do.  By coincidence I received the email below whilst writing this guide. This is a typical example of a phishing scam.

Dear Valued Barclays Bank Customer,

Barclays has a strict policy to ensure all of our
customer's emails associated with their bank account's are confirmed.
Upon inspection this email was registered with your account's, however not confirmed.
Please confirm your email by clicking the link below :
http://www.barclays.co.uk/update.do

Email verification must be performed within 1 business day from receiving
this email. Failure to comply will result in online banking suspension and
limited account activity until an account specialist can contact you
regarding this error. This can be avoided simply by following our online
verification link above.

Sincerely,

Carter Franke

Barclays, Safe Harbor Dept.
Barclays, Account Services
Copyright © 2006

 

Each month this sort of attack is getting more advanced. The social engineering techniques used and email designs are evolving to look and sound much more convincing. This type of scam is not restricted to banks more and more stores and online services are also being targeted, so it pays to be vigilant.

How can I protect myself?

The first step is to think before you act. By being aware of these scams and having a little think before responding to any emails will help you spot them.

Remember your bank (or other service) will never contact you asking for details and passwords. Banks and Credit Card companies are very professional, they don’t lose your details, and they won’t write nasty emails likely to upset their customers. If they were to send you an email it will be well written and look professional. Most scam emails are badly written, although this is changing.

If everything looks and sounds right the next thing to look for is hyper links (web addresses) that don’t point where they should. In fact it’s always good practice to pay attention to hyperlinks, hold your mouse over them to see the full address and when you visit a site keep an eye on your address bar as you might be transferred elsewhere. If the email contains any links starting with a number e.g. http://213.190.10.141/ then you should be suspicious. Often Phishers will use addresses that look similar, or misspellings. If in doubt start a new window or tab and go to your banks, credit card or store website and log on. If there is a problem they’ll tell you there. If you’re still not sure give them a ring or drop them an email but don’t be panicked into responding to an email.
The most important thing is to always think before you give out any personal information. If it doesn’t feel right don’t do it.

It also pays to always have Anti-spyware and Anti-virus software installed and up to date on your computer. Whilst these won’t necessarily protect from Phishing they may reduce your risk of being targeted. Internet Explorer 7 (beta 3) which has just been released as a public beta has a built in Phishing filter to detect phishing websites. Although this is at present only in beta a full version should be available soon.
Visit Startfrom's utilities page for more free software to help protect from these threats.

How can I find out more?

For a much more detailed and indepth account of Phishing, read the Phishing Guide.
For more general information about staying safe on line visit
http://www.getsafeonline.org/
 

 

E-Mail This link
Enter recipient's e-mail:

About Us | Contact Us