Beware of Phishing Scams
There is a growing menace on the Internet called phishing.
In simple terms, phishing can be defined as using fraudulent
emails and web sites to trick you into revealing passwords and user names.
The scary part is that phishing is becoming a growing and thriving industry.
AntiPhishing.org
reported that in the four months from October 2004 to January 2005,
the phishing problem grew by 600 percent.
Despite the authentic look of this email, its urgency and subtle errors
are warning signs that it is a phishing scam.
This is extremely serious, because phishers are trying to steal your most
important information–financial information.
Over a period of just two days, I have received phishing emails that claimed to be
from eBay, Washington Mutual, PayPal, and Citibank.
One of the emails I received is shown on the right.
These emails are written as if they are urgent and require immediate action.
This is actually one of the largest warning signs of a scam email.
The phishers need people to act quickly in order to escape capture.
The link in the email is good for only perhaps a few hours,
and then they change web sites to keep one step ahead of the authorities.
Worse still the problem is on the rise, clogging our inboxes with countless
security alerts and account validations.
Phishing is a financial numbers game.
If they send out a million emails a day (small by spam standards)
and just one in 100,000 falls for the deception,
they have bank account information for 10 people.
That’s a lot of money!
Once these devious people have your financial information,
they can take all of your money and have the ability to financially ruin your lives.
As the phishers find success stealing your money, their sophistication is quickly rising.
The web site on the right is virtually indistinguishable from
eBay’s actual sign in page.
Compare for yourself.
The only warning sign can be found in the address bar.
Careful scrutiny shows that the page is not being delivered by web site but by a strange URL.
Users need to make a habit of looking at the address bar before entering user information
over the Internet.
Aside from the peculiar URL in the address bar, this page is indistinguishable from eBay’s actual sign in page.
Up until now, most phishers have escaped capture from the authorities,
which has led them to become more brazen and sophisticated.
Users shouldn’t expect that fear of prosecution will stop phishing;
self-defense is the best course of action.
Here is how you can protect yourself:
-
Ignore and delete any email that claims to be from a financial institution and
asks you to enter your user name, password or other important
data such as a credit card or social security number.
If you have concerns that it may be real, contact the company by telephone. -
Never click any link inside an email message that claims to be from a bank
or financial institution.
Instead, open a new browser window and go to the web site by typing in the address or using
a bookmark that you have previously set. -
Look at the address bar before entering sensitive information into a web site.
For any site that handles your money or personal information (such as medical data),
you should see the site name prefixed by https://
indicating that it is using a secure connection.
Of course, phishing is illegal in countless different ways.
However due to the Internet’s anonymity and various hacking tricks,
it has been simple for these bandits to escape the law.
I hope one day these type of scams come to an end, but
until then, please everyone be careful out there!