Yup, it happened to my wife last night. I proceeded to calm her down as we discussed what happened and realized that it could actually happen to anyone at any time. Even though it does happen often we tend to think, “Really? This happened to me?” Another way to let you know your account was probably phished is that you start receiving very upsetting emails from your friends on MySpace asking why the @#$% are you sending them crazy pictures or weird messages. Well, if its phishing from MySpace, probably not too big of a deal, just follow the directions from Tom (the MySpace guy) to change your password and move on. It will probably happen again since these days, there are more “spammers” then “friends” on MySpace.
But let’s forget MySpace for a minute, who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information.
Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.
Most of the time, it is not as easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may look like it actually is coming from the company who sent it. But when you click on the link to take you to the company's website, it becomes a fake website built to replicate the legitimate one.
Many of these jerks are professional scam artists. They waste their days away creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site. So what do we do to help decrease our chances of getting phished? Here are two things I suggest that could help:
1) My recommendations, never, ever, click the links within the text of a questionable e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your web browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website. (And trust me, if this email is coming from a bank, they will NEVER ask you for your account number, SSN or password in an email).
2) For most PC users that are familiar with Microsoft, you can upgrade your Internet browser to Internet Explorer 7 as it has an anti-phishing feature that you can turn on or off (it’s enabled by default) and it will help detect fraudulent websites. You can also download and install the Firefox web browser. This browser from Mozilla is more secure and stable. It also has an anti-phishing feature included which is enabled by default.
Upgrade to IE7 here: Internet Explorer 7
Firefox can be download here on my site. Just click on the box in the left column that says "Get Firefox with Google Toolbar"