"Phishing" Defined


What is Phishing?


Phishing is a relatively new term used to describe the act of trying to get private information from a person. This is usually done through the use of computers, but sometimes via telephone. The information gained is then used to commit crimes - such as emptying your bank account.

Why the term "Phishing?" The word "phishing" is really a play on words. In English, the letters "PH" are pronounced the same as the letter "F." So "phishing" is pronounced in the same way as "fishing." One of the dictionary definitions of fishing is "to seek something by roundabout means." Since phishing is an action where one tries to get your personal information through the use of covert tricks and deceit, it appropriately describes this criminal activity.

How is Phishing Done?


Phishing is accomplished through the use of tricks or schemes to gain your trust so that you will give out your personal information. Your natural response to this statement is, of course, "yeah but I am not so easily fooled." And of course you aren't. This is why phishers use a technique called "social engineering".

“Social engineering” is a euphemism (a nice way of saying something) to refer to the use of confidence tricks or the dishonest manipulation of people. The manipulator uses all sorts of tricks in order to gain your trust, or to appear to be someone else who you already trust.

For example, you trust your bank, right? Otherwise you would not use it to take care of your money. Well, if you get an email from your bank to verify your account information, or a request for you to log in in order to verify the payment of a bill, you would most likely answer them.

Good, this is exactly what a phisher relies on. He will send you a fake email that looks identical to an email from your bank. He might even set up a fake web page that looks like your bank’s web page, and send you there through his fake bank email.
You, under the impression that you are responding to your bank, type in your account numbers and password - and bang! The phisher has your details. He can now log on and empty your bank account.

Another trick is where the phisher sends an email which instructs the receiver to call a toll-free number in order to sort out something with his account (such as a billing or a payment). This toll-free number will be set up to sound just like the service line of one’s bank, with an automated voice response directing one to dial in one’s account number and PIN code. Once the phisher has these numbers, he can of course use them to get into your account and transfer all of your money somewhere else.

As you can see, quite some work goes into deceiving people in order to get their personal details. One is not dealing with a practical joke when faced with phishing.

While the above is just one example, there are many more ways in which a phisher goes about gaining personal information, credit card numbers, bank accounts, PayPal account numbers, etc. The key strategy he or she uses is to pretend to be a person or a company that you trust, and to use lies which trick you into giving out information.

How Does One Deal With Phishing?


Unfortunately, there is no anti-phishing program that works like an antivirus program or Internet security program, although an Internet security program will definitely make it harder for a phisher to hack into your computer directly and steal personal information.

The only real protection against phishing is your own alertness on the subject. If you are aware that it exists and occurs, you will be more likely to spot it, if and when it occurs.

There are, however, a few precautions and tips that will help you avoid and spot possible phishing attempts. For more information, you may view the following links:

Tips on Preventing Phishing
How to Recognize a Phisher
Protecting Others from Phishers