Saturday, February 7, 2009

Phishing - examples and its prevention methods

Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well-known and trustworthy Web sites such as PayPal, eBay and Yahoo. A phishing expedition, like the fishing expedition it's named for, is a speculative venture: the phisher puts out the lure, hoping to fool at least a few of the prey that encounter the bait.

Examples of phishing:
(1) PayPal


(2) eBay

(3) Yahoo!


How to prevent phishing?

Don’t click on links within emails that ask for your personal information.
Fraudsters use these links to lure people to phony Web sites that look just like the real sites of the company, organization, or agency they’re impersonating. If you follow the instructions and enter your personal information on the Web site, you’ll deliver it directly into the hands of identity thieves. To check whether the message is really from the company or agency, call it directly or go to its Web site (use a search engine to find it).


Never enter your personal information in a pop-up screen.
Sometimes a phisher will direct you to a real company’s, organization’s, or agency’s Web site, but then an unauthorized pop-up screen created by the scammer will appear, with blanks in which to provide your personal information. If you fill it in, your information will go to the phisher. Legitimate companies, agencies and organizations don’t ask for personal information via pop-up screens. Install pop-up blocking software to help prevent this type of phishing attack.

Protect your computer with spam filters, anti-virus and anti-spyware software, and a firewall, and keep them up to date.
A spam filter can help reduce the number of phishing emails you get. Anti-virus software, which scans incoming messages for troublesome files, and anti-spyware software, which looks for programs that have been installed on your computer and track your online activities without your knowledge, can protect you against pharming and other techniques that phishers use. Firewalls prevent hackers and unauthorized communications from entering your computer – which is especially important if you have a broadband connection because your computer is open to the Internet whenever it’s turned on. Look for programs that offer automatic updates and take advantage of free patches that manufacturers offer to fix newly discovered problems.

Only open email attachments if you’re expecting them and know what they contain.
Even if the messages look like they came from people you know, they could be from scammers and contain programs that will steal your personal information.

Be suspicious if someone contacts you unexpectedly and asks for your personal information.
It’s hard to tell whether something is legitimate by looking at an email or a Web site, or talking to someone on the phone. But if you’re contacted out of the blue and asked for your personal information, it’s a warning sign that something is “phishy.” Legitimate companies and agencies don’t operate that way.

Act immediately if you’ve been hooked by a phisher.
If you provided account numbers, PINs, or passwords to a phisher, notify the companies with whom you have the accounts right away.


Report phishing, whether you’re a victim or not.
Tell the company or agency that the phisher was impersonating. You can also report the problem to law enforcement agencies. The information you provide helps to stop identity theft.
