Mary Harboe
05.02.07
Phishing
What is Phishing
Unsolicited emails that arrived (ie spam), usually asking for verification of your financial details with a link to the site where you will confirm your account.
Phishing Scams:
It used to be that you could spot a phishing site by its terrible grammar. But the scams have become much more sophisticated and aggressive. Now it's tough to distinguish the real sites from the crooked ones.
Phishing schemes rely on spam to lure people to look-alike sites. These e-mail lures usually claim to be from banks or services like PayPal. They might tell you to sign into your account to verify your information. Then you'll typically be provided with a link to the sign-in Web page.
But the link inevitably leads to a fake site that mimics the real thing. Any information you type into the fake site will be stolen. The crooks could get passwords, credit card numbers etc.
So why are people still responding to spam? The truth is that most people don't. Spammers subsist on only about one percent of their targets.
But phishing is not the product of business people. These profiteers are criminals.
You don't have to get swindled. The best way to stay secure is simply to avoid phishing scams. And that starts with good e-mail habits.
First, do not respond to unsolicited e-mail (spam).
Reputable businesses do not ask for passwords or personal information through e-mail.
Second, do not click links in e-mail messages.
Don't even cut and paste addresses from e-mail. If you need to access online accounts, do it the safe way. Type Web addresses directly into the browser yourself.
Do not open attachments from unsolicited e-mail. Again, reputable organizations do not do business this way.
Attachments can install programs like keyloggers, which record everything you type. If that happens, crooks don't even need fake sites to steal your information.
What if you’ve already been had?
If you suspect that you've been tricked into giving away information, you can still act. You can find good advice at the Anti-Phishing Working Group (APWG) Web site. The group is supported by various banks, software companies and Internet service providers.
http://www.antiphishing.org/index.html