As if we didn’t have our hands full enough with viruses, adware, spyware, trojans and all the other nasties, we also have worry about phishing?!
What is phishing, and why should you care?
The word is pronounced “fishing.” When someone phishes, their goal is to lure people into giving them personal or financial information that they can use to their advantage. Their motivation is greed.
A common ploy is to send out an e-mail that is made to look like it’s from a legitimate financial institution (such as PayPal, or your bank). The text of the e-mail gives some reason why you should click on the link they provide in the e-mail and log into your account on the Web page it takes you to.
If you do log into your account like they want you to, you’re the phish, and you took the bait — hook, line, and sinker.
The goal of the phisher is to get you to give them your bank account logon name and password. They use legitimate-looking e-mail to send people to legitimate-looking Web sites, where they capture and record your username and password as you type it in. As soon as they have that, they can log into your bank account and conduct transactions, just as if they were you.
How do you avoid falling prey to these tricksters? The very fact that they are asking for your account information marks them as imposters. Banks and other institutions and businesses don’t contact their customers to update account information. They wait until the next time their customer goes to them.
Think about it: Have you ever received a phone call or letter from your bank asking you to contact them so where to buy digibyte they can verify something about your account? If they don’t contact you by telephone or regular mail, why would they do so in e-mail?
Our rule of thumb is, if we receive ANY e-mail asking us to go to a Web site and log onto our account, we automatically assume it’s a phishing attempt and delete it, 100% of the time. No exceptions. The very request itself is like a big red sign that says “Phishing Attempt!”
Phishers don’t always try to pass themselves off as financial institutions. Businesses like eBay and amazon.com are also represented in phishing scams. Mortgage companies are another target. Phishers send e-mails offering low rates on on mortgages or other loans to lure people into going to a false Web site and typing in their Social Security number. Another ploy is to offer low-interest credit cards, credit reports, or credit repair — anything that will get you to enter your Social Security number or other personal or financial information.