SecurePCNews.com
The News You Need on the Information Highway
Don't get Hooked by a Phisher
Phishing (pronounced like ‘fishing’)
If you haven’t heard of this you have definitely come to the right place! Phishing is one of the most prevalent threats to your online security today.
As you know, ‘fishing’ is a sport where you cast a line into water that has a hook with some sort of bait on the end of it. Unsuspecting fish, see the bait, say a nice juicy worm, and take a big bite. Unfortunately, along with the juicy worm is a sharp hook. You know what happens next to the fish in this story.
‘Phishing’ is a similar sport except you are the fish. A phisher uses email as the line and an urgent message as the bait to catch unsuspecting online users.
Here’s how it works:
- The unsuspecting fish (you before reading your copy of SecurePCNews.com) receives an email (the line) that looks like it comes from someone you would likely trust such a bank, online store, the CIA or even your internet service provider (AOL, EarthLink, NetZero, etc).
- The email message has an urgent message (the bait) that says that something has occurred that requires you to ‘immediately’ response. The most common message is that your online account has been accessed fraudulently and you must provide information to keep your account from being closed.
- The email will have a link to click or a form to fill out. If you click the link you will be taken to a site that looks just like you would expect from your trusted site.
- Here’s where you, I mean the fish gets yanked out of the water and end up flopping around on a boat… The site you go to is actually a ‘spoofed’ (fake) site. A criminal somewhere in the world has taken over a website somewhere else in the world and created a site to look just like the real one. So that site that says ‘Welcome to Your Bank… Login here’ and looks just like your bank’s website it is really only a cover for a criminal.
- Any information you enter on this site, such as a user-id, password, credit card number, PIN, address, etc. is now in the hands of the phisher and every other criminal in the world willing to pay a couple of bucks (or Euros, Yen, Leis, etc) for it. The phisher can now access your online accounts, charge items to your credit card or attempt Identity Theft. Now you know what the fish feels like…
How do you avoid being ‘hooked’ by a phisher?
- As a rule of thumb NEVER, NEVER respond to an email that is asking for personal or financial information unless you can verify its authenticity through another source. Assume the request is FAKE until you can verify it.
- Even if it appears to be from a known party, such as your bank or online service, call the service’s customer number first to verify. If it is not from a site you do business with, just delete the message.
- Never open files attached to emails unless you can verify the source. Unfortunately most spam attachments contain viruses that can destroy your PC or steal your personal/financial data. Look for more information on viruses in an upcoming edition of SecurePCNews.com.
-
Install free Phishing detection software. Many online services such as
PayPal, eBay, Amazon, Bank of America and others now have free tools for
their customers. You can also try free software from McAfee or
Symantec that will alert you if the site you are on might be dangerous.
Learn More about Phishing
Visit these links if to learn more about phishing and how to not get hooked.
| The leading global association focused on eliminating the fraud and theft that result from phishing | |
| US Federal Trade Commission facts for consumers on a range of internet fraud topics | |
| Information site provided by the National Consumers League | |
| MillerSmiles |
UK organization that tracks the latest phishing attacks and provides helpful resources |
Get the software you need from
