This website is accessible to all versions of every browser. However, you are seeing this message because your browser does not support basic Web standards, and does not properly display the site's design details. Please consider upgrading to a more modern browser. (Learn More).

You are here: home > business > technology

Don’t Get Hooked by a Phishing Scam

By Allan C. Edmonds
Posted Thursday, December 23, 2004

e-mail E-mail this page   print Printer-friendly page

Phishing Defined

Phishing scams involve the creation of fake web sites or imitations of legitimate companies to fool you into entering your financial information into a thief’s database. They usually include bogus e-mail messages that ask you to update your account information at online sites such as eBay, PayPal, Chase, and others. The e-mail looks legitimate, and it may have accurate logos and even wordy customer service language in the message.

They will always include a link to click to update your account, but the link actually takes you to the scammer’s web site. The fake web site imitates the real one but is really a criminal facade with a Web form asking for various personal information such as your name, address, social security number, mother's maiden name, and password--basically everything they need to ruin your life.

Once you enter your information, the scammer gets the data and can then access your account and do what they want with it.


Phishing Protection

Protecting yourself from phishing scams requires different techniques than other computer related threats. Viruses, spyware, and Trojans can be held in check if you use the right prevention software and security configurations. To protect yourself from phishing scams, you need to understand how to spot them and avoid them.

One simple way to spot the scam is to place your mouse over the link in the e-mail, but do not click the link. After a second or two, your browser or e-mail software should pop up a little balloon that will show you the real link you'd be clicking. If it is a scam, you will see a much different link than you normally use to go to that site. And don’t be fooled by having part of the correct name in the link. Here is an example: The displayed text is a fictitious, but legitimate looking web site address, but put your mouse pointer over the address and notice the difference: www.CMOL_National_Bank.com

Also, make sure your web browser software and email software is up to date. At one time there was a bug that permitted a phisher to create a website address in an e-mail that would open a page on their illegitimate site, while displaying the website address of a legitimate site in the Address field.

Other tip-offs that you are not on the legitimate web site are:

- the little lock indicating a secure link is missing (should be displayed at the bottom of the browser),

- links on the displayed page (other than the login link) don’t work,

- Pictures are missing.


However the phishers are getting better and better at duplicating the real thing. If you are unsure about an email, a good precaution is to open the website by typing the website address into the Address field of your browser, or use the shortcut in your favorites, rather than the link from a suspicious email.

Phishing Recovery

If you think you have been scammed by one of these schemes, here are some things you should do ASAP:

- Change your password immediately for the account that was scammed.

- Review your account activity, looking for bogus activity.

- Report any bogus activity (making sure you use the legitimate contact info). You should contact the three major credit reporting agencies (Equifax, TransUnion, and Experian) right away so a fraud alert can be placed on your account. This requires that you be contacted if anyone applies for credit with your information, and it can stop identity thieves with minimal damage to you and your credit. For reference, the numbers and websites are:


Equifax: Customer Assistance 800-759-5979 http://www.equifax.com

TransUnion: Customer Assistance 800-916-8800 http://www.TransUnion.com

Experian: 888-397-3742 http://www.experian.com


- Even if you do not see any bogus activity, report the scam to the company so they are aware and can take actions.
Other Computer Security Advice

There are many ways thieves can steal your personal data; from your mailbox, from your employer’s records, from fraudulently obtained credit reports, or even by dumpster diving. Here is some standard computer security advice:


- Don’t put sensitive information into e-mails or into fields at a store other than the credit card field. E-mails are inherently insecure, and even a reputable store owner will not be trying to protect information entered into fields not intended for sensitive information.


- Use a paper shredder when you discard paper that has personal information.


- If possible, use complex passwords containing characters like ; # zz % or $ for logging into a site. Store these passwords in a password protected document that only you can open.


- Keep a record of all of your online purchases. Check for confirming email messages from the online merchant. Match your printed invoices with your monthly billing statement when you receive it in the mail (or online).

- Be wary of email messages to you that promise fantastic deals. Many of these deals are scams and link back to phony web sites. Their sole purpose is to get you to enter personal information that they will use to steal your identity. Remember, if a deal looks too good to be true, it probably is!

- Make regular backups of critical data. Backups must be made at least once each day. Larger organizations should perform a full backup weekly and incremental backups every day. At least once a month the backup media should be verified.

- Use virus protection software. That means three things: having it on your computer in the first place, checking frequently for new virus signature updates, and then actually scanning all the files on your computer periodically. But be careful – there are many spyware frauds out there too. Here is a site to check before purchasing security software:

http://www.spywarewarrior.com/rogue_anti-spyware.htm

- Use a firewall as a gatekeeper between your computer and the Internet. Firewalls can be software products or hardware devices. They are essential for those who keep their computers online through the popular DSL and cable modem connections but they are also valuable for those who still dial in.

- Regularly download security patches from your software vendors.


Online resources

There is a lot of advice on the Internet on how to protect your personal information. Here are some articles from reputable sources.
ID Theft sites:
- U.S. Federal Trade Commission
- The U.S. Department of Justice
- Consumer Reports
- www.idtheftcenter.org
- www.bbbonline.org/idtheft/protect.asp.

Other good sites:

Privacy Rights Clearinghouse - www.privacyrights.org

BBB Online Shopping Safety Tips - http://www.bbb.org/alerts/article.asp?ID=153

 

Allan Edmonds is owner of Computer Medics of Lanier, part of a team of self-employed computer technicians spread throughout America bringing the finest Mobile PC Repair Service to the homes and businesses of their local communities. For more information about Computer Medics of Lanier, visit the website at:

www.computermedicsoflanier.com




Related Links:
 
e-mail E-mail this page
print Printer-friendly page
 
 
 
Business

Got Feedback?
Send a letter to the editor.

Subscribe
Sign up for the email edition of CummingHome.

Advertise
Promote your brand at localnews.com.

Visit Our Sponsors

Click here to get free local headlines for your site