Im sure youve all heard of Identity Theft and more recently Phishing but do you really understand what they are and how they can affect you Maybe this will help

More: continued here

Popularity: 26% [?]

| This entry was posted on Wednesday, January 23rd, 2008 at 4:01 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

‘Phishing’ refers to fraudulent email messages used to gain access to personal information
for illegal purposes such as transferring funds or purchasing goods. These fraudulent messages appear to come from legitimate businesses, most commonly financial institutions. They are designed to lure recipients into disclosing personal data such as bank account numbers, passwords and credit card numbers.

Phishing messages and emails often look authentic. They pretend to come from a financial institution or other company and have a believable email address. They often copy that institution’s logo and message format. It is common for phishing emails to contain links to
a website that is a convincing replica of the company’s home page.

A phishing email will usually describe a situation that requires immediate attention. It may tell you that your accounts will be terminated unless you verify your account information by reply email or by clicking on a link. This web link then takes you to a screen that asks for personal or financial information such as your Internet banking logon, password, credit card number or PIN.

Phishing emails often try to instil a feeling of urgency by saying things like:
• your account will be closed down unless you log on;
• a recent security upgrade means that you have to log on to be protected; or
• a large sum has been debited to your account and you need to provide your account details to confirm that the charge is incorrect.

You can avoid most phishing scams by being alert and employing sound practices for Internet use. If you receive a dubious email, here are some steps you can follow.

Pause and think

Phishing emails may seem plausible when first read. They attempt to force the recipient to urgently reply, or log onto a website, before they have time to think about what they are doing.
If you receive an unexpected email from your financial institution saying that your account will be shut down if you do not confirm your billing information, do not reply or click on any links in the email.

Take your time to think about what you are being asked to do.

Most phishing emails are sent as spam, where the sender has no knowledge of the recipient. Even if you receive a message that is addressed to you alone, read it carefully. If you are suspicious about an email, double-check before responding.

Follow your own path to the site you choose

It is possible for phishing emails to create a link on a web page or in an email and make it look as if it is taking you to a bona fide website when it is actually sending you somewhere else. Your safest course is to check that you have the correct address (URL) and then type it each time into your address bar.

If you want to check the message by telephone, use the contact number that is in the phone book, not a number listed in the email. Often the numbers provided in phishing emails are false or can lead to you incurring costs.

Report it

If you have unwittingly supplied personal or financial information, you should first change your password and then report it as soon as possible to the organisation cited in the email either via telephone (using the telephone number in the phone book) or via a web site address you know to be genuine. You should also report the matter to your local police.

Delete the phishing mail

Some phishing emails include more than fraudulent information—they can also carry viruses. If you identify that an email is ‘phishy’ delete it immediately and permanently.

Banking online safely: be careful

Whether or not you receive a phishing email, there are some simple steps that you can follow to make your online transactions secure.

Secure your system

Some criminals try to use computer viruses to harvest people’s account details, so you should make sure your computer is not an easy target.
• Install and use up-to-date protective software like anti-virus and anti-spyware software or a combination of these.
• Do not run or install programs of unknown origin.
• Use a personal firewall.
• If using a local area network, contact your administrator and seek information on the availability of email gateway filtering for specific file attachments.

Secure your passwords

If you bank online, you have a logon and password or a personal identification number (PIN) so that only you can access your own account. Do not let this personal information fall into other people’s hands.
• Do not give your PIN or password to anyone else.
• Change your Internet banking passwords on a regular basis.
• Avoid using your birth date or name as your PIN or password.
• Avoid storing your passwords on your computer.
• Do not set up your computer so it ‘autocompletes’ or saves your password.

Protect Yourself

Use a quality antispyware and antivirus software like PCTools.

A great Video Tutorial on removing viruses and spyware etc is available here:

Remove Spyware Videos

Further Information

The United States Federal Trade Commission guide How not to get hooked by a phishing scam can be found at www.ftc.gov

The Federal Trade Commission also has a website www.onguardonline.gov which provides practical advice on protecting personal information and securing personal computers against Internet fraud.

Canada’s Department of Public Safety and Emergency Preparedness and the US Department of Justice have produced a joint special report Public advisory phishing: an emerging trend in identity theft at www.psepc.gc.ca

Popularity: 48% [?]

| This entry was posted on Friday, December 7th, 2007 at 9:09 am and is filed under Phishing, Social Engineering. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.