What Is Phishing?

Phishing is the name given to the technique of stealing personal information from Internet users. The information phishers want is usernames, passwords, account numbers, credit card numbers and social security numbers.

And why do they want this information? Usually to commit identity theft or fraud... in other words, to either withdraw or spend your money or to use your identity to set up loan accounts and credit cards to spend money in your name. Often, these fraudulent purchases are put up for resale and the personal data can also be sold on to others.

The phishing attacks typically combine spam e-mail and fraudulent Web pages that look like legitimate Websites.

Often the recipient is asked to click on a link in the email which leads the user to a cloned, counterfeit website. It's here that the victim -- thinking they are at a genuine website -- then enters their username, password, account number etc.

The phisher then uses the information to visit the victim's real account!

Phishing And How To Block It...

Here are some of the ways phishers attempt to give the appearance that their emails and the websites linked to those emails are genuine...

I. Phishing And How To Block It... Amended URLs

Pay attention to the URL (Uniform Resource Locator), or address, of a web site link included in the email and the email address itself. Malicious web sites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain, such as '.net' instead of '.com'...

II. Phishing And How To Block It... Floating Window Java Script

This trick is used extensively by phishers. When victims click on a link to a website in the phishing email, they are taken to a site which uses a Java Script program to cover the actual URL in the address window with the image of a fake one.

So, although you may see the address of the authentic site in the window, it is actually a fake site. This technique of using a false URL is known as 'spoofing'.

I. Phishing And How To Block It... Don't Provide Personal Information

No real financial or e-commerce institution will ever ask for your personal or financial information. So do not trust any e-mails requesting personal information.

II. Phishing And How To Block It... Turn Off HTML EMail

One of the easiest ways to detect phishing spam is to turn off HTML email. By doing this, an email client will always display the raw URL address of a link, rather than display normal text.

III. Phishing And How To Block It... Don't Click Links Or Phone

Never click on links in emails... particularly when it concerns your financial information.

IV. Phishing And How To Block It... Greetings And Spelling

Real organizations greet you by your name in their mails. Their mails start with a salutation that includes your name, like 'Dear Mr. Smith'.

Beware of emails that greet you impersonally, such as 'Dear Friend'. The chances are they are phish mails generated by spammers.

V. Phishing And How To Block It... Web Site Security

The URL will also begin with https://, rather than the standard http://. This informs you that, as your personal details are transferred over the Internet, they cannot be read by anyone-else because they are encrypted.