Phishing (or hoax) emails appear to be from a well-known company, but can put
you at risk. Although they can be difficult to spot, they generally ask you to
click a link back to a spoof web site and provide, update or confirm sensitive
personal information. In order to bait you, they may allude to an urgent or
threatening condition concerning your account. Even if you do not provide what
they ask for, simply clicking the link could subject you to background
installations of key logging software or viruses. Every business on the
Internet is a potential victim of phishing email attacks, which erode
customers' trust in the company's communications.

Phishing, according to H. Buss, is one
of the most serious types of email scams associated with spoofing. Phishing
occurs when an email sender makes an email appear to be from a legitimate
source in order to gather information like usernames, passwords, credit card
information, and other private data. Emails designed to mislead email users
into inputting private data often look almost exactly like real emails sent
from the company, down to the appearance of the company website and the company
email and logo. These scam emails are usually made to look like a commonly used
company or service like a bank, credit card company, or online florist. Though
most phishing emails are sent out at random to any email address the spammers
were able to gather, some spammers target specific groups of web users whose
email contact information may have been accidentally breached or sold by a
company that legitimately collected the email address. (H. Buss in wiseGEEK)

Defences against Phishing Scams

The following are some best practices to avoid being caught by phishing scams:

1) Do not respond to emails that request personal information (such as
passwords), or follow URL links from untrusted sources and suspicious emails.
In this way, you can avoid being re-directed to malicious websites by links
that seem legitimate.
2) Verify the legitimacy of websites for organizations such as banks by
contacting the organization by traditional mail or telephone.
3) Type the URL to the desired website manually, or use bookmarks you have
saved previously when visiting important or crucial websites.
4) Log into any online accounts you have regularly to check the account status
and last login time, and determine whether there has been any suspicious
activity.
5) Always be wary when giving sensitive personal or account information over
the web. Banks and financial institutions seldom ask for your personal or
account information through email. Consult the relevant organization if in
doubt.
6) Always ensure your computer is updated with the latest security patches and
virus signatures. This will reduce the chance of being affected by fraudulent
emails or web sites riding on software vulnerabilities. This also helps protect
your computer from other security or virus attacks.
7) Consider using desktop spam-filtering products to detect and block
fraudulent emails; however, beware of false alarms.
8) Send any phishing emails you receive to the relevant organization and also
the police for further investigation.

Courtesy: Legal Point Foundation