Phishing: A Scary Way of Life

Posted by: Andy  :  Category: Web Security

The Federal Bureau of Investigation has identified “phishing” as the “hottest and most troubling new scam on the Internet.”

What is Phishing?

Phishing is a scam initiated via e-mail. Messages are “fishing” for personal and financial information. Most often, e-mails appear to be from reputable companies (internet service providers, telephone companies, etc), banks, and other financial organizations. The e-mail message often gives a story of the bank needing to update its personal information database or a financial institution claiming your personal data had been lost.

Who Phishes?

Hackers and Scammers looking for personal and financial information use phishing as an effective method of gathering information. Phishers imitate legitimate companies in e-mails to entice people to share passwords or credit-card numbers. Recent victims include:

  • Bank of America
  • Best Buy
  • America Online
  • eBay
  • PayPal
  • Washington Mutual
  • MSN (Microsoft Network)

History of Phishing

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

The term phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they “fish” for users’ financial information and password data. The most common ploy is to copy the Web page code from a major site – such as AOL – and use that code to set up a replica page that appears to be part of the company’s site. (This is why phishing is also called spoofing.) A fake e-mail is sent out with a link to this page, which solicits the user’s credit card data or password. When the form is submitted, it sends the data to the scammer while leaving the user on the company’s site so they don’t suspect a thing.

Avoid Phishing

Fortunately, common sense can save you from giving away your personal information. For example, be aware for the company requesting information. I have received e-mails from banks I have never had business with. Know that your bank or ISP will never ask for your information out of the blue. Banks do not update their databases and misplace information.

Tips To Avoid Phishing

  • If you receive an unexpected e-mail saying your account will be shut down unless you confirm your billing information, do not reply or click any links in the e-mail body.
  • Look for words misspelled or other grammatical mistakes.
  • Before submitting financial information through a Web site, look for the “lock” icon on the browser’s status bar. It means your information is secure during transmission.
  • If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.
  • If you unknowingly supplied personal or financial information, contact your bank and credit card company immediately.

Suspicious e-mail can be forwarded to uce@ftc.gov, and complaints should be filed with the state attorney general’s office or through the FTC at www.ftc.gov.

[Reference: StormFront Development]

Leave a Reply