What is Phishing?
It is a form of criminal activity and a fraudulent attempt, usually made through email, to steal people's personal information and acquire sensitive information such as passwords and credit card details by pretending to be a trustworthy person or business in an electronic communication.
Phishing emails usually appear to come from well-known organizations such as banks, eBay and so on. Besides that, phishing emails ask for personal and sensitive information: credit card number, social security number, account number and even passwords. Usually, phishing emails appear to come from sites, services, companies or organizations with which the recipients do not even have accounts. Moreover, phishing emails always tell people to click a link to a site that asks them to fill in or update their personal information.
What are the signs of Phishing?
(1) Requests for personal information- Legitimate companies would NEVER REQUEST personal information, especially not a company or an organization such as a bank or credit card company, which should already have that personal information.
(2) Mistakes- Little things can often reveal the biggest clues. Most are mistakes in grammar, slip-ups on the finer details and so on.
(3) Addressed as "Customer"- Phishers want to save time, so they use generic names like "Dear Valued Customer" so that they do not have to type out every recipient's name and send the emails one by one. For example, if your bank, regularly addresses your name in.
(4) "Verify your account"- A legitimate business would not request its customers' passwords, logon names, Social Security numbers and other sensitive information through email. If you receive this kind of email, do not respond. It is a phishing scam.
(5) "Click the link below to gain access to your account"- HTML-formatted messages can contain links or forms that people can fill out just as they would fill out a form on a Website. The link that people are urged to click may contain all or part of a real company's name, but the link actually takes people to a sham Website.
(6) Uniform Resource Locator (URL)- Phishers slightly alter the URL by intentionally adding, omitting or transposing letters. For example, the URL "www.microsoft.com" could instead appear as:
(b) www.mircosoft.com
(c) www.verify-microsoft.com
How to prevent?
(1) Change the passwords on all the accounts- Use a strong password that is at least eight characters long, includes letters, numbers and symbols, and is easy for the user to remember but hard for others to guess. Avoid names, words found in any dictionary, important dates and so on. Protect passwords and change them regularly.
(2) Report the incident- Contact the credit card company or bank if personal information has already been given out. Report or send the phishing emails to them so it is easier for them to protect their customers.
(3) Separate email addresses for different uses- For example, one for financial transactions, one for trusted friends and family and one for public or general use. Do everything possible to keep the address used for financial transactions as private as possible.
(4) Improve Computer's Security- Phishers hope users have not applied the latest fixes and try to take advantage of those vulnerabilities. It is better to use a firewall and anti-phishing software such as Kaspersky Internet Security, Norton 360 and so on. Besides that, Web browsers like Microsoft Internet Explorer 7 and Firefox 2.0 come with anti-phishing functions.
Video Sharing to clarify on Phishing Scams in Plain English
REMEMBER!! Legitimate organizations would NEVER REQUEST personal information through emails.
Reference:
Retrieved from http://onecare.live.com/site/en-us/article/phishing_prevent.htm on 23 June 2009
Retrieved from http://www.youtube.com/watch?v=sqRZGhiHGxg&feature=fvw on 23 June 2009