Phishing - how not to get caught!

Webopedia defines phishing as: (fish´ing) (n.) The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

What does this mean to you? Plenty! Phishing works by responding to seeming valid emails from trusted sources like your bank and credit card companies. The email directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card and bank account numbers that the legitimate organization already has. Once you reply to these false sites, the phishers have your valid numbers and can immediately send the information around the world for other to use as they please.

One of the more popular one relates to bank accounts. These emails are carefully crafted with HTML, and utilize graphics from legitimate companies. There are web links in the emails that look legitimate, and they appear to point to a special website run by that business. The mails even include disclaimers and legal notices at the bottom, often with working links to the real company's website.

The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
  • Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.

Truman has an anti-spam filter that will filter out most of these messages, but some eventually still get through. No anti-spam filter is 100% effective. Remember, please be careful and don’t open or respond to any email you believe to be of a suspicious nature.

Next