Phishing: Examples and Prevention Methods
The perpetrator uses a fake website they have created to steal information from people. The fraudulent e-mail they send usually redirects to the perpetrator's website, which is made to look similar to the original website. Phishing is carried out through e-mail and in the name of services such as eBay, PayPal, Best Buy, MSN, Yahoo, Citibank, AOL, etc.
Example of phishing from e-mail:
Example of phishing from Citibank:
There are many methods to prevent or stop phishing:
1) Never reply to e-mail messages that request your personal information.
Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. Don’t cut and paste the link from the message into your Internet browser: phishers can make links look like they go to one place.
2) Don’t click links in suspicious e-mail; the link might not be trustworthy.
Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a “refund.” If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card. In any case, delete random emails that ask you to confirm or divulge your financial information.
3) Help protect your PC: keep it updated and use antivirus software.
Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that can effectively reverse the damage and that updates automatically. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software “patches” to close holes in the system that hackers or phishers could exploit.
4) Don’t send personal information in regular e-mail messages.
Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). However, no indicator is foolproof; some phishers have forged security icons.
5) Monitor your transactions, and review credit card and bank account statements as soon as you receive them.
Check for unauthorized charges. If the statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
Although the Internet has given us many conveniences, especially in buying or selling goods or services, we must stay aware so that we will not be cheated.
by Lim Hui Min