With the growth of e-commerce, consumer online presence and email communication, scammers have also adapted to leverage this medium to con people into providing personal and financial information. One of the most common mechanisms is “phishing.”
Phishing is a fraudulent attempt to steal information, such as usernames, passwords, financial details, etc. by masquerading as a trustworthy entity. Some examples of this would include someone pretending to be social media website, a bank site, an auction site, an online payment processor or an IT administrator – the most popular culprits.
Phishing is typically done through email. The email has the look and feel of the legitimate sender. Phishing emails almost always instruct the recipient to click on a link that is contained in the email. This is a fake link that takes you to a fake website where the scammer – cybercriminal gathers your personal information.
>What to look for in a phishing email:
>Requests for personal information.
>A Sense of urgency – making the recipient believe that something has happened that requires their immediate attention.
>Incorrect spelling and bad grammar.
>Links in email.
>Threats – telling you that your security has been compromised and that you must act immediately to correct it.
>Spoofing websites or companies – scam artists use graphics in the email that appear to be connected with legitimate websites, taking you to phony sites or legitimate-looking pop-up windows. They also use web addresses that resemble names of well-known companies but are slightly altered.
Phishing is big business. As the world gets ready for the XXII Olympic Games in Sochi, Russia, so are the professional scammers. On the heels of the recent payments breach at Target Corp., cybercriminals have already begun targeting the customers affected by the breach, sending fraudulent emails, pretending to act on Target’s behalf, attempting to get personal information.
Quite unfortunately, in a digital world, the safest practice is to trust no one. The Internet is a wonderful too. But we must use it wisely – think before you click and keep in mind:
>No reputable company or organization will ask for your confidential information via email.
>Never click on a link in an email that asks you to give your personal information.
>Never reply to a popup message to provide information.
>Review you accounts (banking, credit cards, etc.) regularly.
>Always check the authenticity of the website.
>Never provide personal or confidential information to “http” links. Look for “https” links and the SSL lock symbol in the browser.
If you suspect that you have received a phishing email, contact the real company and report it to antiphishing.com, the Federal Trade Commission at firstname.lastname@example.org or the Internet Fraud Complaint Center of the FBI website.