How to avoid swallowing phishers’ hooks
Fishing is dangerous to fish.
Phishing is dangerous to everybody whose computeris connected in whatever way to the Internet.
The origin of the name is simple: in a way similar to the actions of a fisherman, a Phisher is casting out an enticement and trying to get you to bite.
How does a Phisher cast this line? Easy. You’ll get e-mails that look exactly like any you might get from PayPal, eBay, or any major bank. It will include an urgent message that asks you to click a link to go to the company’s web site, and enter your personal information. All of this in the name of your own interest, safety and security: somebody’s been trying to obtain your money fraudulently, and the bank is merely investigating, an e-mail like this will tell you. The e-mail often goes on to threaten closure of an account if the user doesn’t resolve the issue.
The eBay or PayPal phishing e-mails may look like a message from an irate buyer who demands action immediately. They can also appear to come from eBay or PayPal account services, asking you to update or confirm your information. Following the link in the e-mail takes you to a site that asks you to enter your username and password. Often, the phishers will ask for even more sensitive information while they’re at it, like Social Security numbers, bank or credit card numbers, and even passwords to other services.
The Phishing e-mails that look like they come from your bank tend to be less dramatic. They usually say that they are updating their systems, and need you to confirm your account. Usually you’ll be taken to a screen that looks like your bank’s web page, where you’ll be asked to enter your online banking name and password. And again, the perpetrators will often threaten account suspension or closure if you don’t do as they ask.
It’s really easy to be fooled by these e-mails because many of the links in the e-mail and at the phishing site are really for the bank, making it really hard to tell the difference. But no matter whom it appears that these e-mails say they come from, the best way to fight phishing is simple. Never, EVER give out you private information.
There are a few tips to keeping yourself safe against Phishing.
- Firstly, never click on a link from an e-mail that is similar to the types described earlier. If, for example, the e-mail says it’s from PayPal. Then go to the PayPal web site: open your browser and type in (using your own fingers): www.paypal.com. Once you’ve logged into your PayPal account, you’ll find out if the e-mail was true. If they really wanted you to update your information, they would ask then. The same idea works for anyone else: just type the sender’s name into the browser yourself.
- Another point to know is that most web sites that require you to log in will encrypt the login page. Encryption simply means they scramble all the information so that others can’t read it. You can spot this easily. Instead of the web page address starting with ‘http’, an encrypted page starts with an ‘https’. A little closed lock will often appear near the bottom of the browser window, depending on the browser you are using.
- Another tip is that most e-mail programs can show you some of the hidden tricks the phishers try to use. The easiest is instead of clicking the link in the e-mail; just hold your mouse over it for a second. The link might say www.paypal.com, but when you hover over it, a balloon might tell you that the link is really to www.mean-phishers.com/paypal. (Don’t even think of trying to open this page. It doesn’t exist but in the writer’s imagination.) In any case, don’t allow yourself to be fooled by these tricks. If you feel that you want to click the link, make sure it goes to where it says it will.
- But perhaps the easiest option is to count on the technology in the latest browsers. The newest versions of Firefox, Opera, and even Internet Explorer have a built-in Phishing filter. These browsers will give you a warning when you have clicked a link that is sending you to a known phishing web page. Firefox displays a warning box with Get me out of here! as an option. To enable the ‘Fraud Protection’ feature on Opera, from the menu Tools > Preferences > Advanced > Security , and check the box marked “Enable Fraud Protection.” then click Ok. In Internet Explorer, the address bar at the top is green when the site is OK, but goes red if it’s not. Internet Explorer then takes you to a warning screen first that says Phishing filter has determined that this is a reported phishing web site. Unless you like toying with the phishers, don’t go any further. You and your affairs will be kept safe and sound. eBay, PayPal, and most banks have Phishing awareness links on their pages. It’s a good idea to check them out for even more security. Here are a few of them below. If your bank isn’t listed here, that’s OK, most banks have a phishing awareness link right on the front page.
Click here to find where to check for phishers:
- PayPal
- eBay
- Anti Phishing Group
- Royal Bank of Canada
- CIBC
- TD Canada Trust
- Bank of Montreal
- Scotia Bank
- National Bank
- U.S. Bank
- Bank of America
- First American
- Wells Fargo
- HSBC
- Chase Manhattan
- Citibank