What is Phishing? (Pronounced: Fishing)
Definition from Computerworld states, "Phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from legitimate businesses. These authentic-looking messages are designed to fool recipients into divulging personal data such as account numbers and passwords, credit card numbers and Social Security numbers."
How to recognize a phishing scam
-They tend to be e-mails asking you to provide your personal information to verify your account or to ensure the account is not terminated.
-False claims will come through as legitimate companies such as: banks (US Bank, Bank Midwest, Citizens Bank, etc), credit lenders (Capital One, Chase, etc), eBay, PayPal, etc.
-Look for typos or bad grammar in the e-mail
-Phishing emails will convey a sense of urgency so the user will feel they need to respond immediately without thinking.
-For more information and examples: http://www.microsoft.com/security/online-privacy/phishing-scams.aspx
What to do if you are a victim
-Individuals can contact the following agencies:
-Contact the company that the email appears to be from
-Also forward such emails to Truman's Barracuda spam filter : firstname.lastname@example.org
-For more information:
Ways to avoid phishing scams
-Be aware that the threat is real.
-Keep in mind that no legitimate company will ever ask you to verify your password or account information via e-mail
-Always be suspicious of any email message that asks to verify personal information. Never reply to or click the web links in the email message.
-If the message appears to be legitimate, then go directly to the company's web site or contact the company directly by phone (do not use the link or phone number in the email itself)
-For more information: http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
Other ways phishing is done
-Attempts to send user to call a phone number (instead of directing them through a website). Once the number is called, the user is then asked for their account information
-Fake websites (Pharming)
Damaged caused by online scams
-198 million dollars in 2006 (source www.ic3.gov annual report)
-Loss of personal finances
-Destruction of Credit History
-Email Spoofing: http://www.windowsecurity.com/articles/Email-Spoofing.html
-Truman's Spam Filtering Information: http://its.truman.edu/documentation/index.asp?docId=340