Recognizing Phishing Messages

February 21, 2011Manhattan Tech Support

What’s phishing? How does it work? Keep yourself aware of basic phishing techniques and you might just save yourself from becoming yet another victim of these unscrupulous fraudsters.

Online oracle Wikipedia defines phishing as: “the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.” We probably don’t need to tell you what kind of damage unscrupulous people can do with that kind of data in their hands. This is why it’s important to identify phishing messages from the get go and prevent becoming a victim.

What makes a phishing message tick? How are they different from spam? What makes phishing different from spam is that phishing messages masquerade as official correspondence from a trusted source. While spam can be filtered, many phishing messages manage to bypass these filters precisely because they seem to be legitimate messages. They can be disguised as communication from your bank, your credit card company, or even from a large company such as Microsoft or Google, or social networking sites like Facebook, or MySpace. These messages come complete with official-sounding content and even logos stolen from the legit websites.

The website links in the message, however, direct you to a fraudulent but official-looking website where you are asked to divulge personal information. You can check these links by simply hovering your mouse pointer over them – watch out for misspelled or faked / masked websites.

Sometimes a telephone number is posted, and when called, you are asked for personal information. Remember, legitimate companies never ask for your password or similar data.

Another identifying factor: phishers bait people with everything from ultimatums (such as a deadline or expiry date) to shocking statements (such as, “you’ve won a hundred thousand dollars!”). These kinds of phrases are designed to create a sense of urgency, making users fill out forms and click on links without fully considering the consequences.

If you want to know more about phishing and how you can safeguard yourself against it, we’ll be happy to fill you in and discuss a customized security plan to keep you fully protected.

Published with permission from TechAdvisory.org. Source.