Don't Get Caught In the Phishing Net

Date: Nov 30, 2010

From time to time, unscrupulous persons or organizations engage in a type of e-mail scam known as “phishing”. According to Wikipedia:

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users…

Phishers are targeting the customers of banks and online payment services. E-mails, supposedly from the Internal Revenue Service, have been used to glean sensitive data from U.S. taxpayers. While the first such examples were sent indiscriminately in the expectation that some would be received by customers of a given bank or service, recent research has shown that phishers may in principle be able to determine which banks potential victims use, and target bogus e-mails accordingly…

Social networking sites are now a prime target of phishing, since the personal details in such sites can be used in identity theft; in late 2006 a computer worm took over pages on MySpace and altered links to direct surfers to websites designed to steal login details. Experiments show a success rate of over 70% for phishing attacks on social networks…

There are anti-phishing websites which publish exact messages that have been recently circulating the internet, such as FraudWatch International and Millersmiles. Such sites often provide specific details about the particular messages…

How to Protect Yourself
  • Never respond to emails that request personal financial information.
  • When you visit bank websites, type the URL into the address bar rather than clicking a link in an e-mail.
  • Keep a regular check on your online accounts.
  • If you are using the Internet to make a credit card purchase, make sure the website you are visiting is secure, i.e., the URL should start with "https://" ("s" for "secure") rather than the usual "http://".
  • Be cautious with emails and personal data.
  • Avoid opening or replying to spam emails as this will give the sender confirmation they have reached a live address.
  • Use common sense when reading emails. If something seems implausible or too good to be true, it probably is.
  • Keep your computer secure by using anti-spyware and anti-virus software.
  • Make sure you keep up to date and download the latest security patches for your browser.
  • Always report suspicious activity. If you receive an email you suspect isn't genuine, forward it to the spoofed organization.