Sunday, June 22, 2008

Phishing: Examples and its Prevention Methods

What is phishing? Phishing is a type of deception designed to steal your valuable personal data, such as passwords, credit card numbers, account numbers and other information. Paypal, eBay, Citibank are the common targets. Phishing is typically carried out by email or instant messaging and often direct users to key in the details to the websites. Below are the examples of phishing scam:

Phishing email for target users of eBay members




This eBay phishing email includes the eBay logo in an attempt to gain credibility. The email warns that a billing error may have been made on the account and urges the eBay member to login and verify the charges.

Phishing email for target users of Citibank members


The attacker claims to be acting in the interests of safety and integrity for the online banking community. Of course, in order to do so, you are instructed to visit a fake websites and enter critical financial details that the attacker will then use to disrupt the very safety and integrity they claim to be protecting.


The Prevention methods


Nowadays, computer users are bombarded with an increasing number of phishing email and attacks. However, several ways that can prevent them are as follows:


1) Always be wary of any email requesting personal information. Don’t reply any suspicious looking emails or click in any links that you’re unsure of. For example, if you receive an email from eBay requesting personal information such as your username and passwords, visit eBay directly by typing http://www.ebay.com/ into your browser to check on your account status. Usually, phishers will include link leading to a fake website, similar name like ebayauctions.com, actually this can give them full access to your sensitive information.


2) Always ensure that you are on a secure connection to a web server when submitting personal information. This can determined by:
--Seeing an https:// appear in the URL instead of http://
--Seeing a picture of a locked padlock in the lower right-hand corner of the BROWSER WINDOW, not the page itself. (Sometimes, phishers display this icon on their websites to trick users to think that they are secure connection.)


3) Avoid emails with urgent requests for financial or account information. Such email that may ask for usernames and passwords, credit cards numbers, social security numbers or other personal information.


4) If you receive spam or an email you suspect is phishing-related, forward it to spam@uce.gov is maintained by the FTC and they regularly investigates emails that they receive.

0 comments:

E-song


MusicPlaylist