Tuesday, May 13, 2008

How to avoid getting phished

Phishing is a computer crime in which phishers fraudulently acquire sensitive information like credit card details and passwords. Phishing is carried out using fake emails or instant messages, where the phisher masquerades as a trustworthy person or business like a bank or an online organization such as eBay or PayPal. Below are some tips on how to avoid getting phished.

- Do not reply to emails or pop-up messages asking for personal info. Do not click on the link in that message either.
- Do not email personal or financial information.
- Regardless of who sends them, be cautious of opening any attachment or downloading any files from emails.
- Look for the 'lock' icon on the browser's status bar, which indicates a secure website.
- Use updated anti-virus software and a firewall. The anti-virus will protect you from accepting unwanted files containing software that can harm your computer or track your activities on the Internet without your knowledge.
- A firewall will make you invisible on the Internet and block all communications from unauthorized sources.
- Review credit card and bank statements as soon as you receive them and check for unauthorized charges.

How to identify phishing messages?

- Emails containing spelling mistakes or bad grammar.
- Lack of personal greeting.
- Misspelled URLs or the presence of subdomains.
- The presence of an '@' symbol in the URL. Most browsers ignore all characters preceding the @ symbol when deciding which site to open, so a web address such as http://www.PayPal.com@mysite.com may look like a PayPal page but will take you to mysite.com.
- Presence of an IP address in the link.
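
Three of the URL signs above (text before an '@', an IP address as the host, a brand name placed in a subdomain of another site) can be checked mechanically. The following is an added example, not part of the original post; the KNOWN_BRANDS table and the function names are assumptions made for illustration, and the sample links are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption for this example: brands the reader deals with, mapped to the
# domain each one really uses.
KNOWN_BRANDS = {"paypal": "paypal.com", "ebay": "ebay.com"}


def real_host(url):
    """Return the host the browser will actually contact, lowercased."""
    return (urlsplit(url).hostname or "").lower()


def link_warnings(url):
    """Return a list of warning labels for a link found in a message."""
    parts = urlsplit(url)
    host = real_host(url)
    warnings = []
    # Everything before '@' in the address is login info, not the site.
    if "@" in parts.netloc:
        warnings.append("userinfo-before-@")
    # A bare IP address instead of a name hides who runs the site.
    try:
        ipaddress.ip_address(host)
        warnings.append("ip-address-host")
    except ValueError:
        pass
    # A brand name anywhere in the link while the real host is not that
    # brand's domain (covers look-alike subdomains and path tricks).
    for brand, domain in KNOWN_BRANDS.items():
        legit = host == domain or host.endswith("." + domain)
        if brand in url.lower() and not legit:
            warnings.append("brand-name-outside-" + domain)
    return warnings


# Constructed sample links, including the one from the list above.
SAMPLES = [
    "http://www.PayPal.com@mysite.com",
    "http://192.0.2.10/paypal/login",
    "http://paypal.com.secure-login.example/",
    "https://www.paypal.com/signin",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", real_host(link), link_warnings(link) or "no warnings")
```
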

While some fraudulent emails are easy to detect, others are very sophisticated and detailed in their deception. For instance, the sender can look legitimate, the subject line can be credible, and the links and logos within the email can all match those of the brand being imitated. Because of these sophisticated cases, every email from a known brand requesting information should be treated with suspicion. Never click a link within the email, but rather use a search engine to find the organization's Web site. Better yet, type the URL directly into the browser's address bar. Likewise, never reply to the email, but rather use the contact page on the organization's Web site to email or phone a response.

Hopefully these tips will help you stay safe online, and put phishers out of business.


Marie said...

I've seen e-mails like these and thankfully they end up in my junk folder!
Definitely good tips and if followed will certainly help you.

Yoko said...

Thanks Marie.