Phishing

Phishing

What Is Phishing?

Phishing

Phishing is an outright attempt to steal an individuals personal identity details such as usernames, account details and credit card information. Phishing emerged from within the ranks of the 'hacking' and 'phreaking' community and is usually targeted at online banks, social network websites, payment services such as Paypal and sites that support a large volume of users.

The actual phishing act itself can consist of any number of carefully concealed and contrived approaches designed expressly to solicit details from the intended victim. The most common approach is to use email. Emails that are carefully constructed to appear to be legitimate notifications from services such as banks or Paypal direct users to alternate websites asking end users to update their account information. The actual designs of the emails replicate the formats used by the original company and can be difficult to spot unless appropriate caution and due diligence is exercised. Poor spelling and 'mouse over' links that direct to third party sites, other than the legitimate organization, provide clues that the email is bogus.

Phishing

For the most part, organizations have become aware of this tactic and do not request individuals to update their accounts through standard email formats. Official letters from the organizations and emails educating account holders about phishing scams have become common practice for organizations trying to combat this fraud. Despite this, other methods such as installing 'key loggers' and 'trojans' on the intended targets computer are also designed to procure sensitive information for identity theft purposes. Programs and initiatives by browser and third party spyware and malaware companies are available over the internet for individuals who want to take an anti-phishing stance and minimize the chances that a phishing attack can occur.

Legislation in over twelve US states including: California, Connecticut, Florida, Hawaii, Louisiana, New jersey, New York, Ohio, Oklahoma, Pennsylvania, Tennessee and Utah has been initiated as a direct response to the threats posed by identity theft attacks. End user education is freely available throughout the internet and the anti-phishing organization has evolved as an initiative between individuals and supporting organizations to combat internet scams and frauds. The APWG has members from over 1600 worldwide companies and agencies including 8 of the top ten US banks, 4 of the top US ISP's and industry wide representation from technology vendors. This working group helps to promote education and improve awareness about the current state of phishing activities on the internet.

It is prudent to exercise caution when downloading and opening emails that are suspicious in nature. This is especially the case where the nature of the email relates to personal and account details. When in doubt it is best to avoid acting. Additional information about phishing is available by perusing the articles on this site.

Resources | Privacy Policy | Contact Us |