Tuesday, July 27, 2010

How to identify phishing scams

What is Phishing?

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.


http://billmullins.files.wordpress.com/2007/12/paypal-phishing-this-is-the-best.jpg







What does a phishing scam look like?


Phishing e-mail messages take a number of forms. They might appear to come from your bank or financial institution, a company you regularly do business with, such as Microsoft, or from your social networking site.

 The following is an example of what a phishing scam in an e-mail message might look like.

http://www.waterfordvillagebank.com/home/fiFiles/static/images/Fake_Phishing_Scam_Image.jpg
Example of a phishing e-mail message, which includes a deceptive Web address that links to a scam Web site.
Here are a few phrases to look for if you think an e-mail message is a phishing scam.

1.Verify or update your account:

Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail.

2.you have won a prize or lottery:

The lottery scam is a common phishing scam known as advanced fee fraud. One of the most common forms of advanced fee fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part

"3.If you don't respond within 48 hours, your account will be closed."

These messages convey a sense of urgency so that you'll respond immediately without thinking.

Tips to protect yourselves from phishing:


1. Don’t reply to, or click links within, emails that ask for personal, financial, or account information.

2. Check the message headers. The ‘From:’ address and the ‘Return-path’ should reference the same source. If necessary, look at the expanded header as some phishing use vulnerable email servers to rout their messages.

3. Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste, or use bookmarks.

4. If on a secure page, look for “https” at the beginning of the URL and the padlock icon in the browser.

5. Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).

6. If you ever need to change your account information, such as your billing details or your password, you should always sign in to your account from the main login page of your trusted network (i.e. your bank’s main website) and make the changes directly within your account.

No comments:

Post a Comment