Phishing is the name given to a particular type of internet scam that is used primarily by criminals and hackers in order for them to try and obtain personal and valuable information about people that can then be used in various different ways. I shall be discussing what phishing is and how best to avoid it.
What is phishing?
Phishing is when criminals or hackers gain sensitive or personal information by pretending to be legitimate sources. For instance, the phisher might send a scam email purporting to be from the victim's bank. Upon opening the hoax mail, the user could be asked to login to their account and may be presented with a link that leads them to what looks like their bank's website. Whilst everything may look legitimate as the victim attempts to login, their sensitive data such as user name, password etc. will be automatically sent to the scammers for them to use for fraudulent purposes.
How to avoid phishing
There are a number of basic techniques that a user can undertake to avoid being the victim of a phishing hoax. Some of these are outlined below:
- Never click on a link purporting to be from your bank, credit card company etc. that asks you to log into your account. Most banking institutions have a policy whereby they would never do this.
- When doing something like online banking, always ensure that you log into the bank through a secure website. This can be seen in the web address bar with 'https://' (not the s at the end of http) at the start of the address.
- Never fill out a form that you have received via email that asks for personal information.
- Many web browsers now have available plugins that will protect users against known fraudulent websites. Consider installing one of these.
- If you receive a hoax email, be sure to forward it to the support email address of the company the hoax email is trying to imitate.
- Regularly login to bank accounts etc. and keep an eye on any suspicious activity.
- Do not use the same passwords for different accounts and change them regularly.
By following the few simple rules above will help to thwart any phishing attacks in their tracks.