Phish and Phishing – and not the eating type

What is Phishing?

Phishing is a method of acquiring sensitive information, such as usernames, passwords, and credit card details, by masquerading as a trustworthy source.

Emails or instant messages pretending to be from popular social websites, auction sites, online shopping, banks, payment processing or IT administrators are commonly used to trick the unsuspecting person.

Phishing scams will often direct you to enter your personal details into a fake website whose look and feel are almost identical to the real website.

Phishing uses social engineering techniques to deceive you, and exploits the poor usability of current web security technologies.

Unfortunately, there is little the authorities can do to protect you. Yes, there is legislation, but it only attempts to bring a conviction AFTER the event. Yes, there is technology and software that can filter out the obvious threats, but the only way to truly tackle the growing number of phishing incidents is with public awareness and training.

Phishing attacks can be very sophisticated and will get harder to spot as time goes on – so be on your guard.

Some general advice on Phishing

  • be on the lookout for emails containing dire warnings
    (e.g. your account will be deleted if you don’t act now!)
  • look out for emails that ask you to provide personal information
  • don’t reply to phishing emails
  • don’t follow links within emails
  • never reveal passwords
  • never send credit card / bank details via email
  • use your common sense!

Training against Phishing?

Think you can outsmart Internet scammers?

Can you tell the difference between a legitimate website and one that’s a phishing attempt? Take this quiz from OpenDNS to find out:

I hope you found this article useful.

Toodle pip!