Many of you have heard of “Phishing”; maybe some of you have not. No, I have not started writing articles on sport fishing :>). Phishing has been in the newspapers and featured on the evening news many times. It is one of the email scams that have been going around the world for several years, and it has probably become one of the biggest threats that could result in identity theft.
So just what is “Phishing”?
The website Webopedia defines it as:
“(fish’ing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. For example, a couple of years ago, saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user’s account was about to be suspended unless they clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organization’s site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to the eBay site to update their account information. By spamming large groups of people, the “phisher” counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately. Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.”
Emails look like an official company message!
Phishers like to take segments of a company’s website and incorporate them into their email, making it appear as if it is actually coming from that company. Over the years and continuing today, I receive phishing emails just about every day. They allegedly come from companies like eBay, Chase Manhattan Bank, CitiBank, PayPal, Internal Revenue Service, South Trust Bank and many more. Usually I receive the same one eight to ten times on the same day since the phishers are using gigantic databases that contain many of our business email addresses. In most cases, I don’t even have an account with any of these companies so I just disregard the emails.
It appears that they send these emails out to millions of email addresses at a time, knowing that they will at least get a percentage of people to read them and possibly visit their website.
Some messages I have seen….
“We are in the process of doing our regular verification of accounts and we could not verify your account information. Please click here to update and verify your information.”
“We have determined that your account has been overcharged. You must call us within 7 days to receive your refund.”
“We suspect your account has had an unauthorized transaction. To protect your account ensure that it is not compromised, please click the link below and confirm your identity.”
How do you protect yourself?
It takes some vigilance to make sure that you don’t fall for one of these scams. What can you do to protect yourself?
– First of all, you should know that a bank, credit card company or any other financial institution does not send you an email asking you to verify your password and/or credit card number, so that should be the first flag that goes up in your mind.
– If you think it may be real since you have an account with the company, do not go to the website and enter any information. Get on the telephone and call the company and ask them about the email you received. I am sure that you will find that the company did not send the email and that they are fully aware of the phishers’ email.
– One of the ways that I usually check the email and can tell immediately that it is a scam is by the URL they want you to click on. I use Eudora Pro for my email program but I am sure there are others that work in a similar way. My browser also works this way. What I do is put my cursor over the link in the email to the web page they want you to go to (don’t click on it). When I place the cursor over the link, the actual page address shows at the very bottom of my browser. This way I can see the actual address I will be going to should I actually click on the link.
For example, let’s say the link in the email is http://www.ebay.com/updateaccount. When I look at the actual link that shows at the bottom of my browser it may show something like: “http://email@example.com/” or “http://www.23.456.654.3/ebay/update” or something similar, which indicates that it is not taking me to the eBay site but that I am being redirected to some other location. Sometimes there is a long sequence of numbers or foreign web designations instead of a .com at the end.
To say the least, these things can get very sophisticated and creative. So, as I indicated earlier, it takes some vigilance. Be aware!
Wealthy Affiliate Team