Phishing, which is a play on fishing, is a technique by which fraudsters fish (or phish, if you like) for gullible people using emails and web sites and have them part with valuable information including personal details, usernames, passwords, credit card numbers, account information etc.
A Phishing attack usually begins with a scam email that is sent in thousands, if not millions. The phishing email appears to come from a legitimate source like your trusted bank, Paypal account, eBay account or at times the emails are simply general in nature asking for your help and promising great rewards. This email typically has one or more links to a fraudulent web site which looks like “the real thing” and where innocent people and fleeced off their sensitive information.
Phishing emails usually carry an attention grabbing and distressing subject line – Your account has been suspended…, Unauthorized access to your account…, Account violation… etc. The main purpose of phishing emails is to act like baits so that you will be prompted to click on one of the links in this email and be taken to a spoofed web site. This fraudulent web site looks just like the legitimate web site – same logo, colors and layout. However, if you bother to check the URL carefully you would realize that you were this close to getting conned. By the way, hiding the URL or masking it so that it appears like the original is another favorite trick of phishers.
Most phishing emails are meant to “shock” you, if you know what I mean. Take the example of Paypal phishing emails. The scam emails arrive at your inbox with distressing email subjects – “Your Paypal account has been hacked”, “Your Paypal account has been blocked” etc. If you hold a Paypal account you already know the kind of sensitive information it contains not to mention any “real money” stored in your account. So if the con artists get hold of your Paypal login details, you will end up not only losing the monies but also your bank account information. Read Paypal phishing scam attacks with real world examples of the choicest emails that I have received.
Another well known phishing email was one promising you about million dollars if you help the sender transfer funds to your bank account. The total funds amount to millions of dollars (in most cases its 5 million USD – don’t ask me why) and you would be given 20-25% share if the transfer took place successfully. This phishing email supposedly originates from one of the African countries and is sent by a wife/daughter/son of a slain military leader (killed in a coup – what else?). You can read The famous Nigerian email scam – get a million dollars from a stranger if you want to know more.
OK that’s a no brainier! As I mentioned, the fraudsters are looking out to get your personal information. This is not limited to just your name and contact details… the issue becomes serious if you part with your bank details (including personal identification numbers, passwords etc.), credit card number or account details of Paypal, eBay, moneybookers.com etc. You might end up with losses amounting to hundreds if not thousands of dollars once you reveal precious information to these crooks. Giving login details of your Paypal or eBay account can spell doom if you have monies or your bank information stored in those accounts.
This depends on the amount of information you share with the frauds. Providing your Paypal login details would immediately give free access to your account. Not only can the stored money be quickly transferred to another Paypal account or used for purchase on eBay or other online stores, additional funds can be stolen, if you’ve tied up your bank account with your Paypal account.
Bank account details can be used in various nefarious ways. For example, your credit card can be misused for online purchases or funds can be wire transferred in a few hours to bank accounts located in the other part of the world.
A quick and easy way that offers a decent level of protection against scam attacks is the Netcraft’s free antiphishing toolbar. Netcraft is an Internet services company devoted to tracking online technology. This toolbar is available for both Internet Explorer and Firefox and runs on a community effort that protects you from phishing attacks.
The Yahoo! toolbar also offer antiphishing features that are specially beneficial for Paypal and eBay.com account holders.
However, I would like to take a philosophical approach when answering the question of how to protect against phishing.
Each of us knows our failing and faults. The aim of the phisher is to attack that tender spot. Phishing attacks target either your greed by luring you with promises of huge fortunes or frighten/shock you with upsetting email subjects and contents.
If you know you are gullible do not be worried by emails you receive. I would advise a few relaxing breaths and then taking a fresh look at that email and (important) don’t click on any link in the email. For instance, assuming you hold a Paypal account and get an email (seemingly) from Paypal informing you that your account has been blocked, it is best to go directly to the Paypal web site than clicking rashly on the link in the email.
For all the greedy folks looking out for that pot of gold at the end of the rainbow, my advice is that it’s not going to come from a stranger – esp. one on the Internet. And neither will you be the lucky winner of a million dollar lottery if you haven’t bought a ticket. People are not there to dole out money.
Macromedia bought FutureSplash Animator from FutureWave Software and renamed it to Flash (December 1996). Then Later they sold it to Adobe. [more...]