Fishing or Phishing?

After this week’s lesson on Internet security, I was very interested in finding the whole concept behind phishing. Initially I had only heard about it but I had no idea what it was all about.

So what is phishing? Well phishing refers to any form of scams that attempt to trick someone into revealing personal information, such as bank account numbers, passwords, payment card numbers, or Social Security numbers. These scams can be done by phone, email, regular mail and even via text message. In addition to seeking bank information, phishers may also try to obtain your ATM PIN or any other bits of data that can help them build a more complete profile from which they can operate in your name and “steal” money from you. It is a very elaborate scheme that requires the victims to be caught off guard.

It is highly common for phishers to target unsuspecting users with fake Internet sites or email messages that seem legitimate. This is sometimes referred to as "spoofing." Scammers also may leverage social networking sites, where users are already accustomed to sharing information with others. The website might seem almost similar to your i-banking website, but you have to be vigilant to spot the fake one.

Phishing emails and websites typically use familiar logos and graphics to deceive consumers into thinking the sender or website owner is a government agency, bank, retailer or other company they know or do business with. Sophisticated phishers may include misleading details, such as using the company CEO's name in the email "from" field. Another common phishing tactic is to make a link in an email (and the fake website where it leads) appear legitimate by subtly misspelling URLs or changing the ".com" to ".biz" or another easily overlooked substitution.

Some phishing scams even lure victims by telling them that their information has already been jeopardized. For example, potential victims may receive an email that appears to come from a major bank warning that their account has recently been exposed to fraudulent activity. Users are asked to click a link within the message so they can "confirm" their bank account information. Instead of going to the bank's legitimate website, however, victims are taken to a clever lookalike, where their information actually is routed to the scammer.

If you receive any message asking you to confirm account information that has been "stolen" or "lost" or encouraging you to reveal personal information in order to receive a prize, it may be a form of phishing.

Therefore, I’ve actually become very wary of any emails I receive or websites I visit. I make it a point to be very cautious and not reveal my personal information easily.