Showing posts with label Phishing. Show all posts
Showing posts with label Phishing. Show all posts

What You Can Do to Protect Others from Phishers

(if you have not read the description of what phishing is you may see it here).

Helping Protect Others from Phishers



By reporting phishing to both volunteer and industry groups, such as PhishTank, you can help to protect others from phishers.

Other anti-phishing methods have been developed, and have been included in web browsers, toolbars, and as part of web page login procedures. A few examples are as follows:
  • Since phishing is based on the phisher pretending to be someone or someone or something else, one can prevent it if one can recognize whether a site is reliable or not. There are toolbars available that display which site one is really on.
  • Firefox allows you to type in "petname extensions" and make your own labels for websites that you visit. Using this function, you will be able to recognize if you are on the right site or not, when you go back there later. If the site is false, the software will either warn you, or block the site. (You can download Firefox for free with the link at the bottom of this page.)
  • Another method used by browsers is to keep lists of clean sites and lists of known phishing sites and, to verify websites against this list. To date, Firefox has been found to be the most effective at detecting false sites (according to software testing companies).
There are other methods of countering phishing attempts, but this is the basic picture. Aside from a few computer programs that make it harder for phishers to target you, the main weapon to use to combat phishing is an awareness of the phenomena. With this, one can recognize it where it occurs, and avoid falling into the trap.

You can help, by making others aware of phishing, and of the methods used in order to gain access to personal information.

I have attempted to write this article in such a way that anyone can understand it.

Please feel free to distribute links to this article, so that others can also be aware, and less susceptible to phishing.
Posted by
Labels: , ,

Tips on Preventing Phishing

Tips on Avoiding Traps Laid by Phishers


Precautions:

  • Never, ever click on a link inside an email from your bank, credit card company, or other similar institution. Instead, go directly to their website. The only exception might be when this is impossible. For example, you sometimes receive a confirmation email where you have to click a link to verify your email address or change your password. In this case, you will usually have just logged onto the company’s website and requested to sign up, change your password, etc. It would not be a random email which you would receive out of the blue. And even in this case, remember the below precautions and tips.
  • When you go to a website which has your personal information stored, such as your bank’s or your email’s website (like Hotmail or Yahoo), don’t type the name directly into the address bar. Instead, type the name into a search engine like Google or Yahoo, and then click the link to the site. Why? Phishers sometimes rely on spelling mistakes typed into the address bar. If the URL of your bank is www.mybank.com, the phisher might make his own website under the URL www.mybanj.com. When someone accidentally makes a spelling mistake in the address bar, he will be in the phisher’s website. The phisher makes sure that his site looks identical to the real one. You “log on,” type in your username and password, and the phisher has your data. But if you go via a search engine, the real website will most likely show up at the top of the page, not the fake one!
  • Don’t publish your email address on the Internet. This includes in blogs, forums, websites, etc. If you have a website, use a contact form connected to your email address. If you are a member of a forum, you can usually set it up so that you will be emailed by the forum whenever someone answers your post. Phishers and spammers regularly go through the Internet to find email addresses (they even have software to collect these email addresses). They send their spam or phishing emails to the addresses they find. If your address is only made known to valid contacts, you are less likely to receive a phishing email.
  • Don’t answer your spam. This confirms that your email address exists and is likely to lead to more spam – including possible phishing attempts.
  • Be careful about forwarding emails to your friends and family. Make sure the email is from a trusted source and that you are sure it does not come from a phisher who will then target your friends and contacts.
Posted by
Labels:

"Phishing" Defined


What is Phishing?


Phishing is a relatively new term used to describe the act of trying to get private information from a person. This is usually done through the use of computers, but sometimes via telephone. The information gained is then used to commit crimes - such as emptying your bank account.

Why the term "Phishing?" The word "phishing" is really a play on words. In English, the letters "PH" are pronounced the same as the letter "F." So "phishing" is pronounced in the same was as "fishing." One of the dictionary definitions of fishing is "to seek something by roundabout means." Since phishing is an action where one tries to get your personal information through the use of covert tricks and deceit, it appropriately describes this criminal activity.

How is Phishing Done?


Phishing is accomplished through the use of tricks or schemes to gain your trust so that you will give out your personal information. Your natural response to this statement is, of course, "yeah but I am not so easily fooled." And of course you aren't. This is why phishers use a technique called "social engineering".

“Social engineering” is a euphemism (a nice way of saying something) to refer to the use of confidence tricks or the dishonest manipulation of people. The manipulator uses all sorts of tricks in order to gain your trust, or to appear to be someone else who you already trust.

For example, you trust your bank right? Otherwise you would not use it to take care of your money. Well, if you get an email from your bank to verify your account information, or a request for you to log in order to verify the payment of a bill, you would most likely answer them.

Good, this is exactly what a phisher relies on. He will send you a fake email that looks identical to an email from your bank. He might even set up a fake web page that looks like your bank’s web page, and send you there through his fake bank email.
You, under the impression that you are responding to your bank, type in your account numbers and password - and bang! The phisher has your details. He can now log on and empty your bank account.

Another trick is where the phishers sends an email which instructs the receiver to call a toll-free number in order to sort out something with his account (such as a billing or a payment). This toll-free number will be set up to sound just like the service line of one’s bank, with an automated voice response directing one to dial in one’s account number and pin code. Once the phishers has these numbers, he can of course use them to get into your account and transfer all of your money somewhere else.

As you can see, quite some work goes into deceiving people in order to get their personal details. One is not dealing with a practical joke, when faced with phishing.

While the above is just one example, and there are many, there are many more ways a in which a phisher goes about gaining personal information, credit card numbers, bank accounts, Paypal account numbers, etc. The key strategy he or she uses is to pretend to be a person or a company that you trust, and to use lies which trick you into giving out information.

How Does One Deal With Phishing?


Unfortunately, there is no anti-phishing program that works like a antivirus program or Internet security program, although an Internet security program will definitely make it harder for a phisher to hack into your computer directly and steal personal information.

The only real protection against phishing is your own alertness on the subject. If you are aware that it exists and occurs, you will be more likely to spot it, if and when it occurs.

There are, however, a few precautions and tips that will help you avoid and spot possible phishing attempts. For more information, you may view the following links:

Tips on Preventing Phishing
How to Recognize a Phisher
Protecting Others from Phishers
Posted by
Labels: ,
Subscribe to: Posts (Atom)