‘Phishing’, not Fishin?

All right, what the heck is ‘Phishing’? When you go fishing, you put some bait in the water and hope that a fish comes along and takes it. If he does, you’ve got yourself a tasty meal or even a nice trophy! Well, ‘phishing’ is the same, except you are the fish! Maybe you’ve received an email from your bank, credit card company, or investment company that said something like
‘...there is possible fraud on your account, please click the link below and sign into your account …’.
‘...because of xxx, you must change your password (or pin)…, please click on the link below to sign into your account..’.
‘…your account has been placed on hold for security measure maintenance’
‘…because of a ‘technical update’ you need to reactivate your account..’
‘…we had to reset your password for security reasons. Please logon and enter your new password and choose a new one..’
Or
‘…Best buy Order #XXXX Fraud Alert’, The email informs you that someone apparently had made an online order using your credit card information at the Best Buy Web site. The email requests you to visit a ‘special Fraud Department’ page at the Best Buy Web site where you can confirm or decline the transaction by providing the correct information.
‘…eBay is “undertaking a period review of our member accounts,” and that as a result, you have to go to their Web site and fill out the required information.
Did you do it? Did the link look ok, like ‘www.bankname.com’ or ‘eBay.com’ or ‘BestBuy.com’? When you clicked on the link, did the site look exactly like the legitimate web site? Correct logo; etc.? Did you enter your userId and password (or pin)? If you got this far, the next screen will look the same and ask for your userId and password (or pin) again.
Here’s what has happened – the email was NOT from your bank, etc. It was from a ‘Phisher’. Oh, it looked like a legitimate email; the link looked right; the web site looked right; etc. If you did everything and entered your userId and password (or pin) you just gave the information to a criminal! In a matter of minutes, either the criminal has changed your password or pin, or your account has had the maximum withdrawn from it!
How can you stop this and tell a legitimate email from a false one? Several things:
Never enter your pin or password if asked from an email. If you really feel it IS from your financial institution, then do NOT click on the link in the email, instead, manually enter the web site address into your browser address bar or use the one you have in your favorites.
Move your mouse over the link in the email. Look at the bottom of your browser window, the actual address will be here, notice it’s NOT the correct one.
When you get to a financial website that is asking for your id and password, or you are entering a credit card number, always look for these things:
a closed padlock icon at the bottom of your browser window;
the address of the website should be ‘https:’, not just ‘http:’ in the browser address bar – notice the ‘s’ on the end. The ‘s’ means ‘secure’ as does the padlock; and
read the SSL certificate that pops-up or heed any warning about expired certificates. These certificates are on file and have been verified to ensure the site you’re visiting is the ‘official’ site!
Be sure you have a firewall set to ‘on’ on your computer. One comes with Windows XP or you can purchase Norton.
Install Spyware software. This will get rid of software that is ‘spying’ on everything you enter into your computer and sends it to criminals! I use Spybot (www.spybot.info/)
Install Spam software. I use MailWasher (www.firetrust.com) to filter all our email.
Install Anti-Virus software. I use AVG Anti-Virus. (www.grisoft.com). It’s free!
Keep the software up-to-date and ‘always on’!
Use all these methods but also, ‘BE SMART’! There is NO legitimate reason for any company to request your personal information thru an email!
Have a question or problem? Write me at BaliPCAdvisor@GMail.com. I’ll try and answer as soon as I can.
Bali PC Advisor and other Bali Advertiser article Archives now ONLINE: www.baliadvertiser.biz/articles/index.html.
NEXT: Common ways to Kill a PC
PakBruce, your Bali PC Advisor!
©2006 BaliPCAdvisor@GMail.com. All rights reserved.
This material may not be published, broadcast, rewritten, or redistributed without permission of the author or The Bali Advertiser