What is "Phishing?"

Phishing schemes are attempts to steal sensitive personal information – such as passwords, credit card numbers, social security numbers, etc. – through the distribution of fraudulent e-mail messages.

A phishing scheme typically consists of an e-mail message that appears to originate from a trusted source, but in fact is an attempt to obtain and exploit sensitive user information, such as login credentials for the targeted user's online bank account. Often, the message will ask you to "update" account information (including credit card and checking account information, social security numbers, addresses and telephone numbers). Most phishing scams instruct you to do so via a form in the body of the e-mail. Sometimes, you will be prompted to click on a link that appears to lead to an authorized Web site that belongs to a legitimate, trusted company.

The idea is to make you take the bait by entering the requested form data or clicking the link and providing the requested data to the fraudulent party, which will then attempt to exploit the obtained information.

As more and more communication and transactions are taking place online, phishing schemes and other attempts to steal sensitive personal information have become increasingly prevalent and innovative.

Phishing attacks against online consumers have become so widespread that an estimated 57 million Americans have received fraudulent e-mail messages and 1.98 million may have fallen victim to the subsequent scams, resulting in approximately $1.2 billion in direct costs to U.S. banks and credit card issuers.*

The FTC suggests these tips to help you avoid getting hooked by a phishing scam:

• If you get an email or pop-up message that asks for personal or financial information, do not reply. And don’t click on the link in the message, either. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. In any case, don’t cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different site.
  
  
• Use anti-virus software and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
  
  Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
  
  A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
  
  
• Don’t email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.

• Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
  
  
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.
  
  
• Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.
  
  
• If you believe you’ve been scammed, file your complaint at ftc.gov, and then visit the FTC’s Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.

 

Teens can gain Internet access whether at home, at a friend's and even in public places. More than likely, your children are not looking for trouble when they use the Internet. However,....

In this age of online shopping, buyers need to be extra careful when they pull out their credit cards. Charges can be run up on your cards by fraudsters who improperly obtain your account information...

Archives  -      PC Mistakes

Before you actually call the help desk,
or us here at Computers Don't Byte,
try these time-saving tips that tend
to fix some of those annoying PC
problems: