Phishing – be careful

In the past one month or so I have received 3 to 4 phishing mails and messages and have fallen for couple of them… off course after entering my userid and password, I realized that they were phishing attempts and change my password immediately…I consider myself internet savvy and was shocked to realize that any one can be deceived with a neatly designed phishing website. After these attempts I decided to write about phishing…

What is phishing?

The act of sending an email/messages to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has.

How it works?

Once you click on the link in the phishing email..you will be taken to a fake website which looks identical to the original website. In the fake website you will be asked to enter your personal information like password, bank login id etc. Once you enter that information and click on submit the information you entered will be emailed to scammer and the page will be redirected to original website. You will think that there might be some kind of glitch and you will enter your id and password, this time you will be able to login as this is the original site and you won’t realize your personal infomation was compromised.

Yahoo password cracking?

Recently some of my friends complained that their yahoo passwords were hacked. Most of them lost their yahoo accounts in phishing attempts. I will explain one of the phishing attempt for which I have fallen. Two days back I got an offline message from one of my friend to view his photo on yahoo… the message contains a link to the photos. When I clicked on the link it took me to a fake site which is identical to yahoo photos home page…below is the screen shot of that page…

 phishing

I thought that I should login with my yahoo id to view the photos..I entered my id and password and click on submit button. After I click on submit button, the page got redirected to original photos.yahoo.com site. By this time I was realized that I had fallen for phishing attempt and my yahoo id and passwords were emailed to the scammer. I immediately changed my yahoo password to protect my yahoo id.  

How to identify a phishing attempt?

One should look at the URL, the scammers use the URLs that they are similar to orginal URL and there will be some difference. Any small difference should alert you. Do not click on the links sent by the people you don’t know. Be careful while opening the links sent by your friends as well, it might be spam email which appears like from your friend’s email id in reality it might be a spam email. Please note that the organizations, banks and service providers never send you emails to validate your account. If you get any such email there are 120% chances for that email to be a phishing email.

How to protect yourself from phishing?

1. Do not click on the links sent by unknown person.

2. If the link is sent by known person check the URL.

3. When you are in doubt, enter dummy userid and dummy password and click on submit if the site redirects to original website then it is 100% phishing attempt and get out of that site.

4. By chance if you missed to notice the phishing attempt and entered your id and password and the page redirects and asks for id and password again, make sure that you immediately changed your password.

5. Ignore the emails that request you to validate your account details.. please note that banks will never ask you to validate your account details.

November 27, 2006 | Filed Under Informative, Internet, Technology 

Comments

Leave a Reply




Related Posts from the Past: