Gone Phishin'

Sadly, that's not a "typo" in the title, but a reference to a nasty little practice that some folks have of trying to get you to visit a malicious site and give up your personal information. According to Wikipedia, "Phising is a way of attempting to acquire information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication." 

Most often, your e-mail is the primary target for phishing scams although various social networking sites are sometimes utilized by scammers to make posts with links to the offending site. You can't really blame your e-mail client, ISP or favorite social networking site, these messages arrive with professional-looking logos and legitimate looking documentation that’s extremely convincing. All that's required to spring the trap is for you to follow the link they provide!
Clicking the link may take you to a very legitimate looking site that asks you to confirm your login information, social security numbers, passwords, etc... In fact, some phishing attempts have become so sophisticated that they can send you to a legitimate site (a bank for example) and then generate a pop-up window that asks you to confirm your information. In this case, the main page underneath the pop-up is a legitimate site, the pop-up is the actual scam!
So how can you avoid phishing scams?

If you receive an e-mail asking you to visit a Web site, you can find out who’s behind the message by checking the sender’s e-mail through WHOIS, before you click anything! Here’s how to do it:
  2. Hover your mouse over the link and copy the domain for the address that your e-mail client (Outlook for example)  displays. If you can't click inside the address box and highlight it, copy it down on a piece of paper. The domain is the component that is in front of dot com. For instance, the domain for http://bluelinenetworksolutions.com/ is  bluelinenetworksolutions .
  3. Point your Web browser to http://www.whois.net.
  4. Enter the domain from the e-mail’s link in the WHOIS Lookup control and click Go.
  5. WHOIS will display details about the site, including the company or person who registered it.
If your e-mail’s supposedly from a bank or legitimate institution but is registered to some company you never heard of, or even an individual out of the country, chances are this is a phishing attempt! Do yourself a favor and don't take the bait!
It's possible that the info you receive from WHOIS still doesn't provide you with the answer that you need. In that case, try to track down the phone number or actual website address for the company and see if things are legitimate. I remember a recent e-mail I received where all of the information was credible except for a phone number that was provided in the e-mail. When I tracked the legitimate company down I found out that they were aware of the scam being perpetrated in their name and an investigation was underway!

A few tips for avoiding phishing scams are:

  • If you receive an e-mail asking you to confirm information for your bank, credit card company, etc.. and it contains a link, don't follow the link. Close the e-mail and visit your bank's site the way you normally would.
  • Always make sure you are entering private information in on a secure website. These sites start with "https://" and a small "lock" icon will appear to confirm that the site is secure. If you click the lock icon the site's security information will come up and you can see who it is registered to.
  • Keep a close watch on the actual url of the site that you are at. For example, the text may say one thing but the link may lead you someplace else. In otherwords, if the link is supposed to go to "www.myfavoritebank.com" but the address in the toolbar says "www.yougotphished.com" then you need to get out fast!

If you'd like more information on how you can avoid phishing attacks, the FTC has published an article that can be found HERE. If you'd like more information on Blueline Network Solutions please feel free to visit our website at http://bluelinenetworksolutions.com or check us out on Facebook at https://www.facebook.com/Shopblueline.

No comments:

Post a Comment