I’m not talking about bait and hook fishing out in the ocean, I’m talking about online “phishing.” Same concept, different target, except this time around, the target is you.
Skyline students beware! Perhaps the one of the most devious criminal acts online, phishing involves using phony e-mail messages from your bank or credit card company, but are actually sent to you by imposters. These well constructed e-mails usually ask you to click on a link to their bogus Web site, where you are asked to enter or confirm personal and financial information such as your Social Security number, account number, password and so on.
The trouble is that these scam artists are very good at building convincing Web sites. These malicious sites look and feel legitimate, but they are not. Once they get your information, they use it to access your accounts and they can do whatever they want with it.
The e-mails themselves usually come with well-known institutional labels that you may deal with, such names as Bank of America, US Bank, and sites such as eBay and PayPal, but they aren’t as legitimate as you wish they were.
This is the number one consumer safety issue on the Internet today. It has gotten the attention of the Federal Trade Commission in Washington, D.C. They have dedicated a full consumer alert department on this issue. Software giant Microsoft has gotten into the act as well; they have filed 117 lawsuits against these high-tech swindlers and have 65 people working on an anti-phishing team. However, that isn’t enough, because the folks at the Anti-Phishing Working Group say that there are as many as 150 million phishing e-mails a day. Everyone has to protect themselves against this plague.
Here are some tips on how to spot “phishing” scams:
1. A deceptive subject line or urgent message suggesting you take action or your account may be closed. It may also ask you to update or verify your personal account information or your account may be suspended or closed.
2. Forged sender’s address. Phishing scams will generally have a forged sender’s address appearing as though the e-mail came from the company it is claiming to be.
3. Genuine looking content. These e-mails copy images, text styles, wording and logos in order to portray themselves as genuine. They even go as far as duplicating the authentication and trust marks in the e-mails to gain your confidence.
4. Phony hyperlinks. These links are within the e-mail and are disguised in an attempt to deceive you. For example: a link displayed as www.richardchiang.com may actually take you to www.playboy.com
5. Don’t pass out your confidential data to anyone that you do not know, and, even if you know them, you should always verify and confirm that they are who they say they are. The best way is to pick up the phone and dial. Don’t be lazy, I know how convenient it is to just click the mouse and be done with it. Call and speak to a live person if you aren’t sure. Don’t download stuff that you don’t need.
6. Be suspect of dubious e-mail messages, and when in doubt, delete!
7. Always type in the URL of the web page you need. Don’t rely on e-mail links to get you there. Play it safe.
8. Protect your password at all times, and change it from time to time as well.
The best defense is a good offense. Now having read all this information, don’t give out your personal 411 online.
