Phishing is the process of attempting to criminally and fradulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Pay Pal, eBay ,MSN, Yahoo and online banks are common targets.
How phishing works?
The perpetrator carried out using email addresses and instant messaging. They will use fake website they have created instead of legitimate one to entice people to share sensitive information, like usernames, password and credit-card details.
Examples :
1. The "From Field" appears to be from the legitimate company mentioned in the e-mail. It is important to note, however, that it is very simple to change the "from" information in any e-mail client.
2. The e-mail will usually contain logos or images that have been taken from the Web site of the company mentioned in the scam e-mail.
3.The e-mail will contain a clickable link with text suggesting you use the inserted link to validate your information. In the image you will see that once the hyperlink is highlighted, the bottom left of the screen shows the real Web site address to which you will go. Note that the hyperlink does NOT point to the legitimate Citibank Web site URL
Prevention Method
- Guard against spam
ゅBe especially cautious of emails that, come from unrecognized senders.Which ask you to confirm personal or financial information over the Internet or make urgent requests for this information.
ゅTry to upset you into acting quickly by threatening you with frightening information. - Do not click on links, download files or open attachments in emails from unknown senders. ゅIt is best to open attachments only when you are expecting them and know what they contain, even if you know the sender
- Check your online accounts and bank statements regularly to ensure that no unauthorized transactions have been made
- "Dear Valued Customer."
ゅPhishing e-mail messages are usually sent out in bulk and do not contain your first or last name. Although, it is possible that con artists have this information. Most legitimate companies (but not all) should address you by first and last name. - Beware of pop-ups
Never enter personal information in a pop-up screen.
ゅDo not click on links in a pop-up screen.
ゅDo not copy web addresses into your browser from pop-ups.
ゅ Legitimate enterprises should never ask you to submit personal information in pop-up screens, so don’t do it. - Immediately Report Suspected Phishing Contacts
ゅ If you do receive a message you suspect to be a phishing scam, call the customer service phone number right away to confirm whether you've received an actual message or not. In addition, almost every bank and credit card lender has a website where you can report suspicious emails and instant messages.
Sources
http://www.webopedia.com/didyouknow/internet/2005/phishing.asp
http://www.msun.edu/infotech/its/how/security/phishing-examples.htm
http://www.spywareremove.com/phishing/preventphishingscams.php
http://www.identitytheftkiller.com/prevent-phishing-scams.php
0 comments:
Post a Comment