I got a note from my bank about phishing scams, but I'm still not sure what it means. Can you explain in simple terms what phishing is all about?
What is Phishing?
In simplest terms, phishing is the act of stealing information using lies as bait. Instead of coming to your home to steal your information, online scammers want to trick you into passing it over voluntarily, by pretending to be someone you trust. The Internet has become a playground for unscrupulous people looking to steal your information. Let's take a look at some examples, and learn how to protect yourself from phishing scams.
Losing It All
Nancy Boyle and her family are victims of phishing, according to the Washington Post. Mrs. Boyle received an email allegedly from Bank One, asking her to please verify critical information. The email warned that they were trying out new anti-fraud procedures. She entered her critical information, and soon after money disappeared from her bank account.
Later, she got another email apparently from eBay, warning of possible fraudulent activity on her account. This time she handed over her Social Security number and other personal information. With this information, scammers easily could steal her identity and perpetrate fraud in HER name. And so they did, opening accounts, racking up bogus charges and leaving the Boyle family with years of financial stress ahead. The Federal Trade Commission estimates that over 1.5 million people fall victim to such scams each year.
We hear a lot about phishing because of the Internet, but this is not a new crime. In years past, men would come to an elderly woman's home, claiming they were from the bank. The woman would then hand over critical information, only to find out later that her money had been stolen. Because many people don't have a clear understanding of how easily emails and websites can be spoofed, the Internet has become one more way for scammers to steal your information. Only now they don't have to leave home or even show their faces.
Methods of PhishingPhishing can occur in various ways. For example, you may get an email that is supposedly from your bank. The email will ask you for sensitive information. It might also ask you to click a link to visit the website and enter your username, password or account numbers. Scammers have become so clever, that they will create websites looking exactly like the original website. Financial institutions, eBay and PayPal have been popular targets of phishing scammers for several years.
How can you tell if you've landed on a phishing website? Try an experiment. Enter a bogus username and password. A phishing website will accept any form of username and password and allow you to 'log in'. Or it may log your info, report a password error, and then redirect you to the correct site, leading you to think you merely entered your password incorrectly.
Don't Fall For Phishing Attacks
There are ways to prevent your information from being stolen. The first step is to always use updated antivirus software to protect your computer from spyware and viruses. Never browse the web without this protection, and be careful to keep your software up to date.
The next step is to never trust any website or email with your personal information, unless you are absolutely sure of where you are. Don't click on a link in an email to go to the website, even if the correct address appears at the bottom of the screen when you place the mouse over the link. The status bar can be easily spoofed, or you might be fooled by the replacement of the letter "O" by a zero. Instead, open up a new browser and type in the website address by hand, or click a link from your bookmarks or favorites list. Check with your bank by phone if you suspect a phishing attack, or if you're not sure of the correct website address.
If your bank asks for personal information to help identify you further, you can always call the number printed on your credit card or bank statement to ask them if it's legit, and if you could give it to them over the phone. Most banks will be happy to handle any security issues via phone, so you can feel safe.
To Better Protect You From Phishing
Banks are doing what they can to protect you from phishing attacks. For example, if large amounts of money are being drawn out, the bank can freeze your account and they will give you a call to make sure if the withdrawals are from you and not someone else. Banks are also trying to educate customers so they will be aware of phishing scams, and it's common practice for banks and credit card companies to NOT include a clickable link in their mailings. Some banks are even offering to cover some of the money you may have lost due to phishing attacks, but in the long run everyone pays for this kind of protection. If you use the right preventive measures, you'll never have to worry about it.
Current web browsers are becoming better at identifying potentially dangerous websites. They will check the websites you browse against a known list of phishing sites. The list is regularly updated and the feature is automatically enabled since FireFox version 2. It will flash a warning to you, letting you know that the website you are about to enter may be a phishing website.
With each new advance in technology, both the scammers and the good guys are engaged in an escalating battle. Your job is to be alert, keep your software updated and do your part to verify the identity of anyone receiving your personal information.
This article was posted by Bob Rankin on 26 Feb 2009
|For Fun: Buy Bob a Snickers.
What is TiVo?
The Top Twenty
Is Pirate Bay Sinking?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Phishing Scams (Posted: 26 Feb 2009)
Copyright © 2005 - Bob Rankin - All Rights Reserved