INFOTECH: DonÂ’t Be a Phishing Victim
Recent Gauteng Business News
Hopefully, you would call the bank rather than logging onto the bankÂ’s Web site through the link on the e-mail to check the problem out for yourself. Unfortunately, many people still cannot identify these types of e-mails as the phishing scams they are. The Johannesburg Magistrates Court heard last week that banking clients in South Africa were collectively robbed of R180m in 2010 through phishing scams.
Â“These e-mails look exactly like e-mails sent by the genuine organisations themselves,Â” explains Simon Campbell-Young, CEO of specialist distributor Phoenix Software. Â“These messages all look very convincing and authentic. However, they are fraudulent e-mails constructed by con artists to look like legitimate communication. They usually ask victims to take urgent action to avoid a consequence or receive a reward. The desired response typically involves logging in to a Web site or calling a phone number to provide personal information. Sometimes victims need only click on links or open e-mail attachments for their computers to become infected by malicious software that allows phishers to retrieve the data they want or take control of the victimÂ’s computer to launch future attacks.Â”
Although the details of phishing scams can vary, the result is usually the same: thousands of unsuspecting victims give information to criminals who then use it to break in to their accounts and steal their money or identities, or both. "Phishing is a two time scam," Campbell-Young says. "Phishers first steal a company's identity and then use it to victimise consumers by stealing their credit identities."
How To Spot a Phishing Scam
So how do you spot the scam and avoid being victimised by itÂ‘ According to Campbell-Young, a good security software suite will do most of the work for you. Â“Kaspersky intercepted more than 209 million network attacks during December and neutralised over 196 malicious programs. With a good security solution, many of these e-mails will never even reach you.Â”
He adds that if you ever receive an e-mail message from your bank, your ISP, PayPal, EBay, Amazon, etc., read the note over several times. Â“Odds are that the note will appear legitimate, but you need to look for something fishy (no pun intended). For example, does the note have misspellings or bad grammarÂ‘ Is this the first message that you have ever gotten from the companyÂ‘ Does the company even have your e-mail address on fileÂ‘ If you have any suspicions at all about the message, then the message is probably illegitimate.Â”
The best thing to do in that case is to call the company that allegedly sent you the message. Never use the phone number included in the message though. Instead, take the time to look the phone number up in the phone book. ItÂ’s better to spend a few extra minutes looking up a number that you already have in front of you than to be a victim of a scam.
Never Open Anything Suspicious
Obviously, you should never click on a link within a suspicious message. If you really must visit the Web site that the message claims to be from, enter the siteÂ’s address into your browser manually. Other precautionary steps that you can take are to review your bank statements and credit card statements regularly to make sure that no one is stealing from you or making purchases in your name.
Â“If the e-mail refers you to a Web site, look carefully at the URL. It's easy to disguise a link to a site. Beware of the @ symbol in an URL,Â” Says Campbell-Young. Â“Most browsers will ignore all characters preceding the @ symbol, so this Web address http://firstname.lastname@example.org -- may look to the unsuspecting user like a page of Respected Company's site. But it actually takes visitors to thisisascam.com. The longer the URL, the easier it is to conceal the true destination address.Â”
Business News Sector Tags: Infotech|