[Security] Avoiding Phishing
Phishing is defined as the practice of using fraudulent e-mails and fake duplications of legitimate websites to extract financial data from computer users for purposes of identity theft.
Imagine one morning waking up and doing your daily routines, you check your email and see that an email from your bank, EBay, Amazons etc. stating your accounts have a zero balance, then it gave you a link to click. You enter your username/password and all of you’re the information looks correct and logout to continue your day. Later that day you attempt to purchase an item using your debit card and the transaction is decline. You log into your online account to verify the information displayed earlier that day and now your account is cleaned out. You go back to that email click on the link, the site is no longer accessible, and there is no way to track them.
The Phishing fraud operated by the “Phisherman” creating a false duplicate websites of a legitimate financial organization that is well known. It may look like the real thing but it is a clone. They follow up the process by send out a mass email to hundreds of users stating there is a problem with their account. The unsuspected user enters all of the vital information; the site collects the information as well as passes it on to the real server for access. The fictitious site never stays up for long just for a few hours so the “Phisherman” can hook as many phish as they can, then they’re gone like it was never there, that’s why there so hard to track.
There many ways to avoid this:
1. Do not access your account through the email or pop-up.
2. View all email in plain text if possible.
3. Contact the organization using a telephone number.
4. Report the email to your financial institute.
5. Type the web address or use a bookmark for your online banking.
6. Avoid visiting site with expire certificates.
7. Delete the phishing email.