What is Phishing?
Last Updated: Wed, 20 Apr 2011 > Related Articles
Learn about phishing, a malicious approach to stealing personal information from Internet users.
What is Phishing?
Phishing is the act of attempting to trick someone into giving out personal information, such as a credit card number, passwords, social security numbers or a PIN. Any information that can be used for identity theft.
Usually these attempts at gathering such information are sent in an email to an unsuspecting user and claim to be from an established legitimate enterprise. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers - information the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.
Ebay, PayPal and banking institutions are the usual targets of phishing scams; however, any company or government agency can be a target.
How can I protect myself from phishing?
Here are some things you can do to protect yourself and your identity.
- Never respond to an email query from a financial institution, auction site or anyone else asking you to confirm your identity on a website. Legitimate companies will never ask for this information via email.
- Know your source. If you are not a customer of the financial institution or other company, immediately delete the email. Hackers cast a wide net when sending these scams out in the hope of catching a few victims.
- Never click the link contained in an email, even if the correspondence looks legit.
- One way to test if the site is fraudulent is to provide a password you know to be false. If the site accepts the false password, you know it is a phishing scam.
- Keep your software up to date. Whether it is your browser or anti-virus software, make sure you are running the latest version.
- If you use Outlook, download the Service Pack 2. The latest service pack from Microsoft includes a new Phishing tool.