Gone Phishing

Yesterday, Christine discussed a couple of reasons why folks in certain states may be more susceptible to ID Theft, and she mentioned specific types of people being more vulnerable to Phishing. As such, I thought it might make sense to discuss, in a little more depth, what exactly Phishing is, and hoe you can take steps to prevent being caught on the line.

Wikipedia opens it's page on Phishing with the following:

Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

So, how does it work?

Thieves will create communications (perhaps an e-mail) that appears as though it is from a bank, and then send it to a load of people. Sometimes, it is very obvious that the e-mail shouldn't be handled (if, for example, you get an e-mail from a bank that you aren't a customer of, you likely won't read it or enter too much information).

However, when a thief hits his or her mark, the message that they send might go to a customer of the bank they are spoofing. In that case, how does a bank customer know if the e-mail they are receiving is from their bank or from a thief?

Here are a few things to keep an eye out for (I'll be discussing tips for e-mail phishing, but these apply to other types as well):

• Typos- many phishing schemes tend to come with grammatical errors or typos.
• Requests to verify information- Often, these e-mails come as some sort of request to verify account information (usually, there is a link asking for everything from your account number and password to your address). Note: Your bank should never e-mail you with this type of request.
• Blurred logos- Because thieves may have copied the logo from a bank’s website (or used a screen capture technology), it's possible that the logo they use in an e-mail phishing scheme will look slightly blurry or distorted.

Ultimately, the most important tip I can offer regarding phishing is this:

If you're not sure it came from your bank, call your bank using the phone number on the back of your credit or debit card, and ask them if the request is valid.

Posted by Darragh