Tuesday, January 04, 2005

Clues to expose ‘Phishers’

As 2005 starts, analysts are predicting that the next big security problem will be 'phishing'.
For those of you who still haven't heard this term, where have you been?

Phishing refers to the criminal act of hackers and digital thieves who trick users into revealing their bank account or credit card numbers, an so on. This is achieved by directing users to a fake website, through an email they receive, and the site is sometimes a replica of the sites of famous banks.

All the discussion now is on the best ways to avoid becoming a phishing victim.
First, and most importantly, you must remember that real companies almost never send e-mail asking you to submit personal data.

The message might include authentic looking graphics, trademark symbols and an authentic-looking e-mail address in the ‘from’ line, but all of that can be easily faked.

One of the easiest ways to figure out it's a fake is by noting the tone of these messages which attempts to create concern, or literally scare you into giving up personal and financial information by saying that your account needs to be verified, updated or confirmed immediately.

Usually, banks and financial institutions never do that. When they want you to change personal info, they call you or ask you to drop by.

Another clue to look for is the threat of negative action, such as canceling your account if you fail to take the requested action immediately.

Any respectable organization wouldn't communicate with its customers with threats, especially if they've done nothing wrong!

Once you've spotted these clues, and feel that the message may be illegitimate, contact the organization (bank, credit card company… etc) to inform them of the hoax that you received.

Sometimes, phishers take on the guise of famous vendors or suppliers you deal with on the Web, such as top shopping sites. When you receive a message that starts with "Dear Customer" instead of your name, then you should be suspicious. After all, Amazon.com, eBay and every respectable web business has your name registered as a user, and has systems to send you messages that include your name!

Let's assume, God forbid, that you've already become a victim of phishing. How could that have happened to you? Well, it's already happening to millions of Internet users all over the world. Simply if you're not the suspicious type, and haven't heard about such scams you'll believe anyone or anything you find in your email!

So, what's to be done if you have indeed divulged credit information to a phisher?
You must immediately report the theft of your credit card number, or account number, to the body who issued you the card or account. Do this immediately, to halt withdrawals on your account.

Like every other form of eCrimes- viruses, worms, trojans...etc- phishing depends solely on your knowledge and vigilance. Now you know about it, beware!



Post a Comment

Subscribe to Post Comments [Atom]

<< Home