首頁Caraballo
Identity theft thieves have taken the world wide web by storm. 1 of their favorite identity theft techniques is phishing. Phisher...
One of the primary components of an successful identity theft protection method is to basically be aware of what info you are providing out and to whom you are providing it. This might seem obvious, but todays technology tends to make it a little much more tough, especially as far more and more customers move to the net to spend bills, apply for loans, manage accounts, and so forth.
Identity theft thieves have taken the web by storm. A single of their favorite identity theft techniques is phishing. Phishers lurk the dark hallways of the web trying to obtain your most sensitive information -- usernames, passwords, credit card numbers by sending you emails posed as your friendly neighborhood financial institution.
A Really Brief History of Phishing
It has been stated that phishing got its start on shocking! AOL. A phisher would comprise an elaborate e mail appearing to come from AOL itself and request that the recipient verify their password and/or billing details since anything was supposedly wrong with their account. As soon as the phisher had the data, they would access the account and use it for nefarious purposes, typically to spam even far more individuals with added phishing emails.
AOL went on the attack in 1997 to shutdown phishing activity. The Firm was pretty productive, but to no avail. Phishers just moved on to bigger phish, so to speak. They began utilizing the credit card data they received from phished AOL accounts to attack payment systems of large financial institutions.
How Phishing Performs A Brief Primer
There are two fundamental measures to a phishing scam:
A manipulated hyperlink
A phony (or spoofed) site
Hyperlink Manipulation
The victim receives an email from a financial institution claiming theres a dilemma with their account and they need to log in to repair it. This e mail is sent out to thousands of e-mail address at the very same time. Only a handful of will truly have accounts with the financial institution becoming spoofed and only a few of these will act on the request. However, all it requires is one
The victim clicks on a hyperlink that leads them to a spoofed website. The link may be buried in an anchor link, such as:
HTML Code:
< a href=" to Real Bank appstar rip off
How it would appear:
Link to Real Bank
(Of course, the above would be clickable in your email browser)
The above, based on the text link, appears to be going to the real bank, but the actual link goes to the spoofed website.
Another way to manipulate the link is to register a domain that visually appears similar to the domain of the real company:
Real Company website: www.financialinstitution.com
Spoofed website: www.financia1institution.com
Did you catch it? The L in financial has been replaced with a 1. The casual observer, already concerned about their account, may not notice the difference. They click on the link and now theyre in a world of hurt because they just went to a
Spoofed Website
The website they end up at has been developed to look exactly like the real one. The identity theft victim logins in with their username and password and simply gets some kind of error message, something like, The Site is Down for Maintenance or Cannot Connect to Server. Please Try Again Later. The website logs the account information, forwards it to the identity thief and he or she is off to Bermuda on your dime.
Obviously, this scam can be much more elaborate than what is detail above, but thats phishing in a nutshell.
How to Protect Your Identity from Phishers
Tip #1: The easiest way to protect yourself from this scam is to ignore them. Trust me, if theres something wrong with your account, your bank or credit card company will contact you by phone.
If you think that the email you received could be valid, do not use the links in the email to follow up. Open a new browser window and manually type in the website address. Better yet CALL them from the phone number on your statement or the back of your credit card. Never use the phone number in the email.
Tip #2: Be on the look out for identifiers in the email. Do they refer to you by name? Did they include a partial account number? Such information might indicate that the email is real. However, always err on the side of caution. Identity thieves may have found out your name or partial account number by some other means and are trying to catch you off guard. Dont let it happen.
Tip #3: Use your spam filter. A good spam filter should catch most phishing attempts. Should.
Awareness = Protection
As with all identity theft topics, keeping your eyes wide and your brain active is your best defense against phishing scams. Pay attention to what youre reading and what links youre clicking. Quickly scan your email before clicking on anything. If something catches your eye, give it a second glance. If it seems out of place, hit delete. Its as simple as that.
