Phishing refers to the act of tricking people into revealing sensitive or private information. It is an e-mail fraud method in which the phisher sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Basically, phishing come from those well-known and trustworthy website such as PayPal, eBay, Yahoo, MSN, BestBuy, and America Online so that recipients would not suspect the incoming sources. Phishing attacks generally target on bank information, username, social security numbers, and password information.
Let's have a look on some of the phishing example:
This is an example of a phishing scam targeting Washington Mutual Bank customers. This phish claims that Washington Mutual Bank is adopting new security measures which require confirming ATM card details. As with other phishing scams, the victim is directed to visit a fraudulent site and any information entered on that site is sent to the attacker.
This is a phishing mail from the Charter One bank. This phishing email also pretends to be working to preserve the safety and integrity of online banking. The email also includes the Charter One logo in an attempt to gain reliability and trusty from customers.
Here is another example of a phishing scam targeting SunTrust bank customers. The email warns that the account may be suspended if customers failed to comply with the instructions stated in the statement. The phishers uses the SunTrust logo again which they can simply copied from the real banking site.
PayPal and eBay were two of the earliest targets of phishing scams. This PayPal phishing scams tries to trick recipients by claiming that someone 'from a foreign IP address' attempted to login to your PayPal account, the mail urges recipients to confirm their account details through the link provided at the bottom of the ststement. Once the recipients click on the link provided, it will actually takes the recipient to another unrelated website.
This is another phishing email from eBay website. It urges the eBay member to login and verify the charges due to a billing error that have been conducted previously. In order to make it more reliable, attacker attaches the eBay logo with it.
How To PREVENT Phishing?
In this technology era, phishing can occurs in different manner at anytime and at anywhere. Although complete prevention is impossible, there are several ways to prevent form it.
1) NEVER EVER Click on the hyperlinks provided within the email
You should never ever click on the links that is provided if you are doubt of the email sources. You can do it in an alternative way by directly type in the URL in the Internet browser address bar or call the company on a verified contact number.
2) Always look for "https" and a padlock on a site that requests personal information
Information entered on an Internet Web Site can be intercepted by a third party. Thus, when submitting sensitive financial and personal information through Internet, look for the locked padlock on the Internet browser's status bar or the “https://” at the start of the URL in the address bar. Although there is no absolute guarantee of the site's security, by not doing so, the site is definitely unsecure.
3) Use Anti-phishing software
Phishing Blaster is an Anti-Phishing software that monitors the incoming emails and web pages that might be phishing. Phishing Blaster provides one-step access to the security features that keep your computer safe and blocks phishing scams as it is being updated regularly in order to be more effective. The advantage of this anti software is that it is able to recognize phishing emails pretending to come from eBay, PayPal, Amazon and hundreds of other financial institutions. It benefits consumer from being tricked.
4) Educate Yourself on Fraudulent Activity on the Internet
The best way to avoid from becoming a phishing scam victim is to use your best judgement. None of the financial institution with any sense will email and ask you to input all your sensitive and private information. In fact, most institutions are keep on reminding and informing customers that “We will NEVER ask you for your personal information through phone or email” as the information is private and confidential. So, be SMART whenever you received a phishing mail, definitely you will not be attacked.
Related Links:
http://en.wikipedia.org/wiki/Phishing
antivirus.about.com/.../ss/phishing_6.htm
http://www.fraudwatchinternational.com/phishing-fraud/phishing-protection/
Prepared by Chong Hui Qi'