Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by unscrupulous people using electronic communications such as e-mail, SMS etc. Phishing scams are just another attempt to get valuable information. Scammers send a mass email to every address they can find. Typically the message will appear to come from a bank, financial institution or even Government authorities. The email states that you should update your information for one reason or another, and they usually provide a link that you can click to update the details. Usage of internet has become part of every bodies life and each person have more than one e-mail ids also. When compared to the traditional manual transactions either related to banking or other services, now it become more easy and convenient due to the flourishing of internet usage and electronic revolutions
Phishing is typically carried out by e-mail spooling or instant messages and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. This all sounds reasonable and it may look legitimate, but phishing scams are anything but legitimate. The link provided does not take you to the financial institution's website. Instead, you'll be submitting your information to a website run by the scammers. Phishing scams are now a part of everyday life. It's important that you know how to spot one and avoid becoming a victim. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include proper legislation, user training, public awareness, and technical security measures.
Below is an example of a phishing scam targeting reputed bank customers? This phish claims that Bank is adopting new security measures which require confirming ATM/Credit card details. As with other phishing scams, the victim is directed to visit a fraudulent site and any information entered on that site is sent to the attacker. You received an E-mail message from your bank saying that your current/savings bank account was overdrawn because of a cheque that you didn't write, what would you do? Before you answer, it's important to realize that you may not really be overdrawn and that there is a good chance that someone is trying to scam you
So what about that official looking URL on the E-mail message? Sure, it probably looks like the bank's official Web site, but try hovering your mouse over the URL. When you hover your mouse over the URL, you will see the hyper link appear. If the URL is legitimate, the hyperlink should match the URL displayed in the message exactly. Typically, the person who created the message will replace the URL with an IP address, or they will use a domain name that is spelled very similarly to the bank's domain name.
Obviously, the idea behind a Phishing scam is to panic you into clicking on the link contained in the E-mail message and then getting you to enter your bank account number and password. Therefore, you might be wondering how someone could enter their account information into a Web site that does not belong to their bank? You should never click on a link within a suspicious message. If you really must visit the Web site that the message claims to be from, enter the site's address into your browser manually. Other precautionary steps that you can take are to review your bank statements and credit card statements regularly to make sure that no one is stealing from you or making purchases in your name. Finally, if you do receive an E-mail message that proves to be a Phishing scam, you should report the message to the company that the message claims to be from. Doing so makes the company aware of the scam so that they can report it to the proper authorities and help keep other people from being ripped off.
The best way to avoid becoming a phishing scam victim is to use your best judgment. No financial institution with any sense will email you and ask you to input all of your sensitive information. In fact, most institutions are informing customers that " We will never ask you for your personal information via phone or email". Also, it is advisable to open two bank accounts one with online banking facilities and other one ordinary account without online banking facilities. Keep major portion of your money in the ordinary account and for any online transactions transfer money from this account to the account with online facilities. In this case the loss will be limited, if someone fraudulently try to access your account.
Recently the scammers started using a new trick, sending mails directing to provide your bank account details for crediting the income tax refund. This mail also looks like sent from the Income Tax Department. Now a day's scammers are even using the Reserve Bank of India, United Nations name also to forge the innocent people. Another types of phishing is intimation regarding winning of lotteries, employment offers, help required for investing billions of Dollars etc. In all these are cleverly designed to look as official as possible. The message's sole purpose is to gather information. Be careful about these types of scams.
Anybody can be tricked by a sophisticated phishing scam. Simple phishing scams are easy to spot, but the best scammers are actually pretty smart. They use a variety of tricks to make the phishing scam look like a legitimate process. For example, they might include a graphic from the bank right on the email message or website. Or, the link provided in the email may look like it goes to the bank's website while the victim is actually sent to a very different site.
Truthfully, it is very easy to scam someone into entering information into a false Web site. To see how easy it is, try this little experiment. Go to your bank's Web site and then select the Source command from Internet Explorer's View menu. This will show you the source code to your bank's Web site .The best thing that you can do is to call the company that allegedly sent you the message. Never use the phone number included in the message though. Instead, take the time to look the phone number up in the phone book. It's better to spend a few extra minutes looking up a number that you already have in front of you than to be a victim of a scam.
Best Regards
Prakash Nair
No comments:
Post a Comment