Tweet

Phishing Scams - How To Avoid Them

Written by: Hamish Hayward

Article Overview: Phishing is one of the fastest growing forms of internet fraud. Learn what it is and how you can spot, and avoid, this online theft.

Phishing Scams - How To Avoid Them

WHAT IS PHISHING?
Simply put, phishing is a crime where criminals use social engineering techniques to persuade you to reveal sensitive information - such as your bank account details, your credit card details, passwords etc. Or, in plain English, they trick you into giving them your personal information so that they can use it to steal your money.

In order to get you to reveal your details, the fraudster normally assumes the identity of a trusted person or organisation - typically a bank, a credit card company or an online payment processor such as PayPal.

This is often carried out using electronic communication - both e-mail and instant messenger systems are widely used today, but telephone or normal mail can also be used by these fraudsters

HOW DOES PHISHING WORK?
The normal mode of attack is an e-mail or sometimes one of the instant messenger systems, but e-mail is most common. Typically the scammer pretends to be someone such as Paypal, Ebay, your bank, or a credit card company.

They will send you an e-mail, which looks very similar to the e-mail and website of the organisation being impersonated, complete with logos, graphics, similar font styles etc.They tend to use a headline which will either entice you into reading by stimulating your sense of fear, greed or even anger.

Some Typical examples are below:

1. Your account has been suspended
2. Thank you for your order
3. Someone has sent you money using (insert name) online payment system.

These are only typical - there are many other variants.

Item 1 might be used for banks, online payment processors or credit cards. The first time that you get one of these, it’s quite understandable that you would be concerned about your account.

The e-mail will advise you that your account has been frozen for some reason - possibly because of some security issue or misuse. You need to update your details before you can restore full access to your account. There will be a link for you to click on to access their site where you can update your details and everything will be fine after that.

However, if you click on the link you will be taken, not to your account but to the scammers website where any information that you enter will be used by them to assume your identity and either steal money directly from you or use your details to buy goods online.

Like the e-mail, the scammer’s site will look very much like the official site that is being impersonated. It will use the same font size, the same - or very similar - images, official logos etc. It’s surprisingly easy to do this and it’s easy to be fooled.

Item 2 is often used when impersonating a well known online vendor such as Ebay. The e-mail arrives, again the logos are very convincing, the type and size of font are the same as normal etc. - but you know you didn’t buy the item you’ve just been given a receipt for.

Not to worry, there’s a handy link in the e-mail which usually says something like “click here if you didn’t buy this item” which you can use to sort it all out.

Guess what happens when you click on that link. That’s right, you’re going to arrive at the scammers carefully disguised website and be asked to enter some of your confidential information which will then be used to defraud you.

Item 3 is used to appeal to your sense of greed. By now, we have the method of operation off by heart I think. The e-mail arrives - someone’s sent you some money - click here to confirm and receive payment - visit scam website - enter details and the rest is history.

SPOTTING PHISHING E-MAILS
After a while, phishing e-mails are relatively easy to spot and you can avoid them by applying a little common sense. There are also new software security tools available.

There are several things that can alert you to a phishing e-mail.

* Do you actually have an account with the organisation which is purported to be the sender?
* Have they got your details correct (your name, your account number etc.)?
* What is the return e-mail address?
* Where does the “click here” link actually take you (check before you click)?
* Are there a lot of spelling and grammatical errors (lots of phishers are from countries which don’t have English as a first language).

The golden rule to avoid being phished is never to click on the link within the e-mail. Be aware that if you click on the link and decide upon arrival at the site that it’s a scam - the fraudsters might have the ability to extract information from your PC or to load spyware onto your machine even if you decline to enter information at that point.

Even if you think that the e-mail is probably genuine you are always safer to log into your account by using your web browser address bar or by clicking from your favourites list.

Also, just to be on the safe side, make sure your aware of the information policy of your important online accounts. Most reputable companies will have details of what type of information they will send you and what type of data they may ask you for by e-mail. More importantly, they will probably have clear guidelines about the types of information that they will not ask you for.

HOW CAN YOU AVOID PHISHING ATTACKS?
Here’s your plan to avoid being phished:


Be aware of your online accounts information policy guidelines.
Never click on a “handy” link in an e-mail - always enter the site using your browser or favourites list.
Forward a copy of the e-mail to the official site in question. Most of them will be happy to confirm that it’s a phishing attempt or, alternatively, advise that there is a real problem with your account.
Delete any phishing e-mails you get immediately after forwarding to the “real” company. Once you’ve deleted them, clear out your “trash” folder to stop any accidental clicking in future.

Those 4 simple steps should be all you need to protect yourself against phishing.

Related Articles
  How can software for email marketing increase delivery rates?
  How To Avoid Internet Work At Home Scams
  VeriSign Secure Site: Security of Your Web Site Is the Backbone of Trust for E-Business
  Hacking Facebook Password with the help of free hacker tools for everyone
  How Many Internet Scams Are There ?

Article Tags: bank account details, credit card details, e mail, ebay, electronic communication, font styles, fraudster, fraudsters, greed, instant messenger, messenger systems, payment processor, payment processors, paypal, plain english, scammer, security issue, sense of fear, social engineering, typical examples



Related Forum Posts
Re: Search Engine Friendly Web Development - I would like to add some more things in search engine friendly web development. 1. PPC campaign 2. Viral marketing 3. Social Media Marketing Avoid flash in website and other use CSS files to shows the content style.
Re: Online Payment Methods - Hi Andy, We use 2Checkout for all our CC transactions (Roughly 200 a month). We tried PayPal first but we found that our particular customers, were not web educated enough to recognize all the Phishing scams that are out there for PayPal/Ebay. After about our 10 complaints, in just a few weeks, we made the switch to 2Checkout. 2Checkout has been really good to work with. Any issues have been resolved quickly and have been fairly minor. Their online CP is pretty good and allows for everything that we need as a business. The process of getting customers to set up an account to make a payment, is fairly easy as well. Ideally, the first choice for us was to get our own merchant account with our bank and then process our own CC transactions, but the banks have some pretty tight requirements for this and as a new business, we did not qualify. We went to PayPal and then 2Checkout as other solutions. Ideally, with some good history with 2Checkout, I'll take a detailed report back to the banks to see if we are a little more desireable. FYI... Fees: 2Checkout - 5% Holdback for 90 days and 5.5% fee + a $.45 per transaction charge (Their exchange rates from USD to Canadian are very much weighted to their benifit) Bank Merchant account - 2.5% to 5% fee, with no holdback and flat monthly fees to cover transactions (But some transactions fees may be applied as well).
Re: 365 Foolish Mistakes Smart Managers Make - [quote="litekepr":2v18lglp]This morning's Google Alert held a pleasant surprise. WORTH MENTIONING A List of New Books Compiled by The Management and Government Information Center (MAGIC) Chinn Park Regional Library 703-792-4880Summer 2007 Indicates titles relating to the FISH Philosophy 365 Foolish Mistakes Smart Managers Make Every Day: How and Why to Avoid Them by Shri L. Henkel, 2006 interesting. Is anyone else here familiar with the FISH philosphy? i[/quote:2v18lglp] Congrats on the mention of your book! Hopefully it will drive up sales! For myself, I don't really care for their acronym... MAGIC. Gives people the subtle impression that good things happen at the snap of a finger instead of lots of hard work!
7 Top Blog Design Tips - Most blog platforms come with some basic blog designs. They may call them templates or themes or something similar, and usually they are not bad although some customisation is pretty common. I often see some common mistakes, and hopefully you will be able to avoid them. 1. Include an about page Make it prominent and make it truly about you, not some resume-like page.If people find your blog and like what you have to say, they are going to want to know something about you. 2. Have contact information visible An email or maybe even a phone number should be included. Your email can be displayed as a graphic to prevent spammers from harvesting it easily. I would suggest using an address that has your domain at the end to be more professional. e.g tyrone @ internetbusinesspath.com, rather than tyrone @ gmail.com. Visible contact information will make you seem more real and although people may occasionally contact you, it will be far less often than you might think. 3. Include a picture of yourself Blogs are personal, even business blogs, and people who visit yours will want to know what you look like. It’s also easier to built trust if your picture is visible. Though, you don’t absolutely need a picture, but it’s strongly recommended. Sometimes people might think you are hiding something if you don’t have one. 4. Show a top posts or articles page Some of your blog posts are going to be much more popular than others (you may be surprised which ones they are). I call these your pillar articlesDon’t bury your pillar articles, your most popular blog posts. Highlight them somehow. You might for example have a top posts section in the titlebar or sidebar. I have a most top articles section and I list my most popular posts based on the ones that are read the most. Other people do it slightly differently. For example, Brian Clark at copyblogger.com has a “Popular Articles” in his sidebar and under that he lists his most popular blog posts. Yaro Starak, on his blog Entrepreneurs-Journey, calls his most popular blog posts “Popular Articles” and lists them at the very top.Somehow or another highlight them. You might do something as simple as create a category called “most popular” and include popular blog posts in that category. 5. Don’t have a blog banner that is too big! The banner is the top portion of your blog that goes across the top. It might have a picture of you there, the name of the blog, perhaps some graphic — they vary quite a bit.You don’t want your banner to be big. No one should need to scroll down to see your content. People decide really quickly when they first reach a Web Site, and that includes blogs, whether to read or to leave. 6. Create a visually appealing blog Avoid bright colors. Stick to reasonable fonts like Times New Roman and Arial. Have someone with a good eye look at your blog, preferably a graphic designer. Everytime I start a blog and I’ve started dozens for myself, for friends, and for clients, I always get a graphic designer to at least look at it after I am done. The problem is that it might look OK to you or me, probably neither having a particularly good eye nor appropriate training, but it still might look really ugly to others. Having a graphic designer take a quick look at it is good insurance. 7. Keep it simple silly! Some blogs are just so busy: they have one, two, sometimes three sidebars just crammed full of all kinds of stuff. With some of it you wonder why is it there. What purpose does this serve? Now in my opinion calendars are a prime offender. What good is a calendar there? Some people like them, but to me they serve no purpose. Empty space in a blog is not only allowable, but it’s a good thing. It helps focus eyes on what is important, which is your content and hopefully the few things you choose to put in your sidebar. Most blogs start with a basic template which is then customised over time. These tips will hopefully help you that with customisation and help you avoid common mistakes with blog design. Tyrone Shum Blog Tipster


Share this article with your friends. Fund someone's dream.

Leave a comment below or share on the left and you'll help support entrepreneurs in Africa through our partnership with Kiva. Over $50,000 raised and counting - Please keep sharing! Learn more.

Tweet

Newsletter

Get advice & tips from famous business
owners, new articles by entrepreneur
experts, my latest website updates, &
special sneak peaks at what's to come!

Name:
Email:

Popular Articles

Let's Skip the Offshore Horror Stories

Executive Blind Spots

Fighting the Saw-Tooth Affect

Suggestions

Email us your ideas on how to make our
website more valuable! Thank you Sharon
from Toronto Salsa Lessons / Classes for
your suggestions to make the newsletter
look like the website and profile younger
entrepreneurs like Jennifer Lopez.