Phishing

Phishing is the practice of trying to trick someone into giving up personal and confidential information like bank account numbers, credit card numbers, user ID's and so on. The most popular way to use phishing to trick someone is via email messages. The cyber-criminals send an email to trick you into going to a fraudulent web site that looks like the web site of your bank, eBay, credit card company, or any other legitimate company. Phishing emails look just like any email you might receive from your credit card company or bank. The criminals do a very good job duplicating a company's web site. The site contains the company's logo, and perhaps the link you're supposed to click is almost the same as the company' (maybe something like accountverify-companywebaddress.com). Some characteristics of Phishing emails include the following:

• A generic greeting. Almost all phishing emails have just a generic greeting. The message greeting might say "Dear Valued Customer" or something similar. Legitimate emails usually contain your name in the greeting - not the case with Phishing. These email messages are sent out in bulk with the criminals hoping that a few people might fall for their ploy.
• Urgency. A Phishing email message wants to generate a sense of fear, urgency or panic in the recipient so they will quickly give up their personal information without really thinking. Some statements you might see in a Phishing email include that your account will be closed in X number of hours if you don't verify your information, or that your account has been suspended due to "suspicious activity".
• A request to verify your account information. The real purpose of this message, and the criminals come right out and tell you!
• A link to click to gain quick access to your account. These messages will provide you with a quick and convenient link to access your account or to verify your account information.

Other things you can look for to determine if an email message is Phishing or legitimate include misspelled words, typographical errors, bad grammar, pop-up boxes, or attachments.

There are several things you can do to protect yourself from Phishing scams. Here are a few suggestions:

• Always be skeptical - better to be safe than sorry. These Phishing emails are designed to look legitimate. If you're skeptical about a message you can always verify the legitimacy of the message by calling the company directly. Use a phone number that you find on a printed account statement or one you obtain somewhere other than the email you just received. Most companies will never send an email message asking you to provide or verify confidential information.
• Never click on a link in an email message. If you receive a message asking you to log into your account, simply open a new browser window and type the web address you know to be accurate into the address bar. The people who send these Phishing emails are clever and make the hyperlinks look legitimate. Once again, better safe than sorry.
• Keep up to date with your Virus and spyware definitions, and Windows security patches. Many Phishing emails contain some form of spyware in them. These are criminals sending out the emails. What's to stop them from sending a Trojan Horse containing a keylogger or other system monitor program along with the message?