It is a form of online identity theft where an individual or company attempts to fraudulently acquire personal and/or private information from a user — such as passwords, account numbers, social security numbers, etc. The “phisher” poses as a trustworthy person or business and uses email or an instant message to convince users that they need to respond with certain personal information. It’s usually financial information they are after so that they can use your credit card or bank account for criminal acts.
HOW PHISHING WORKS
It looks like a normal email to the one you’d receive from your financial institution or other company you do business with. It might ask you to “verify your account information” or “confirm your billing information”. The link will direct you to a spoofed site that also mimics that of the company they are posing as. When a user visits the fake site, their personal information can be used to create fake accounts in the victim’s name, ruin their credit or even prevent them from accessing their email or account.
PROTECT YOURSELF AGAINST PHISHING
While these aren’t all the foolproof ways in which Phishing occurs, there are smart tips you should practice every day. Here are some ways you an quickly spot a fake and prevent Phishing.
- Spelling mistakes and the presence of an IP address in the link within the email
- Lack of a personal greeting, although the presence of one does not mean it’s legitimate
- Absence of partial account numbers from banks and credit card companies
If you are suspicious, contact the company you think is sending you the email either directly on their website, or by calling them. They can either confirm it is truly from them or alert their customers that someone may be phishing.
OTHER TIPS TO HELP PROTECT YOUR PRIVACY
Install a spam filter on your email to prevent accidentally clicking Phishing links. Also make sure that you have a newer browser, such as Microsoft IE8, Mozilla Firefox 3, Chrome and Opera, because they contain special software to automatically check for fraudulent Phishing URLs.