Phishing Scams have become so common now a days that many of us simply ignore them, however, some who are not aware about phishing fall prey. You think you are protected, but are you really? For starters, Phishing is an identity theft scams that can cost you Money, Name or Fame.
One of my friend was just tricked through phishing. Scamsters made him divulge his internet banking user id and password. Fraudsters, then attempted to withdraw money from his bank by logging into his account.
There was no loss in monetary terms, though. Thank God! his bank had dual authentication layer that required him to answer few more questions correctly before accepting money transfer request. However, his net banking account got locked. Based on the repeated failed money transfer attempt, Bank’s Customer Service team called him and informed him that possibly he was a victim of a Phishing Scam.
You should ensure and take some precautions to prevent phishing and safeguard your interests. Here is what Phishing means, how to identify Phishing emails and how to safeguard yourself from a Phishing Attempts.
What is Phishing?
Phishing is a process of attempting to acquire sensitive information such as usernames, passwords and credit card details by impostoring as a trustworthy entity in an electronic communication.
Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting it and falling prey to the scam.
Phishing modus operandi
Normally in phishing, a fraudulent e-mail is sent to a you falsely claiming to be from an established legitimate enterprise, such as your bank, credit card company, popular social web sites, auction sites, online payment processors or IT Administrators, etc, in an attempt to scam the user into surrendering private information that will be used for identity theft.
The e-mail directs the user to visit a Web site where they are asked to update personal information, such as username, passwords, credit card and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.
Here are a few phrases to look for if you think an e-mail message is a phishing scam.
Verify your account.
Businesses should not ask you to send passwords, login names, Credit Card numbers, internet banking password, or other personal information through e-mail or instant chat.
You have won the lottery.
The lottery scam is a common phishing scam known as advanced fee fraud. One of the most common forms of advanced fee fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. The lottery scam often includes references to big companies, such as Microsoft, Google, Yahoo, etc.
If you don’t respond within 48 hours, your account will be closed.
These messages convey a sense of urgency so that you’ll respond immediately without thinking. A phishing e-mail message might even claim that your response is required because your account might have been compromised.
How to protect yourself from Phishing Emails?
If you receive such an e-mail message from someone asking you to update your information, do not respond, this could be a phishing scam. If you want to confirm the contents of the email, please contact the respective entity by phone, or visit their official website directly, never click on the link given on the email.
Here are some tips for protecting your self from Phishing scams :
- Be wary of e-mail messages that ask for your account sensitive information such as username, password, personal identification numbers (PINs), Card related details or any other sensitive information in reference to your account.
- Unless the e-mail is digitally signed, you can never be 100% sure of its source!
- Do not click any links inside an e-mail of which you have the slightest suspicion. Either call the customer service desk or use a web browser to reach the official web address of the concerned entity directly, instead of clicking on the link.
- Ensure that any Web site visited is secure when submitting sensitive information such as Credit Card numbers or using your Internet Banking passwords. One indication that a Web address is secure is if it starts with https:// rather than http://
- Ensure that your operating system and web browser is up-to-date with critical security patches.
- Consider installing security software such as those offered by anti-virus specialists that can help detect virus, filter SPAM and/or ensure secure Internet Usage (firewalls).
- Turn off your computer when not in use, to avoid criminals gaining access and misusing it for fraudulent purposes, which includes launching Phishing attacks.
- If you receive any suspicious e-mail or website prompts which are asking for your private and confidential information in relation to your account with any of the trusted entities, please contact the entity and inform them immediately. You can forward the mail to them on their official address or to the address provided by most of them combating Phishing.
- If you suspect that you have become a victim of a Phishing attack and already have divulged your sensitive account information to fraudsters, please report to customer service desk or change the passwords of the concerned account immediately
Banks have become highly secure, however if you yourself give away the key to fraudsters then what can you expect. Not every one is lucky enough, like my friend, to sustain a phishing attack without any loss.
Phishing in Simple English
A interesting video guide to recognizing and avoiding phishing scams, worth watching!