|
|
|
|
|
|
|
|||
|
|
|||
|
|
|
|
|
|
|
|||
|
|
|||
|
|
|||
|
||||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
Several precautions can be made to lower the risk / avoid phishing scams and attacks. One of our greatest fears is for our bank accounts to be robbed by hackers. Ironically Phishers rely on these same fears to make the victim act immediately, without checking with their bank first. Spontaneous and hastened actions might, however, leave you scammed by a phishing attack.
1. Regarding emails: DO NOT trust emails urgently requesting personal financial
information !
Phishers want you to react immediately and therefore include upsetting or
exciting statements which trigger fear or happiness. They may falsely claim
suspicious withdrawals from your banking account, present you as the winner
of a lottery or play on your passion for example politics / religion. Never
give any account information on the web, no bank or any internet comerce will
EVER need to ask you for your account information.
CHECK & REPORT the incident with your bank or the actual company supposed
to have sent you the email so they can take steps to prevent the fraud from
scamming people.
2. Be sure not to call any number or use any link in the suspected email as this may put you in the hands of those responsible for the phishing attack.
You can risc world wide web spoofing, which trap you inside a fake internet universe of the scammer, you can risk downloading nasty complex trojan horse spywares which put keyloggers on your computer, you can risk executing scripts changing your hosts file hijacking your search engine and your internet browser, directing you as they see fit to false net banks or the like to phish your information.
It is generally safer to write the banks specific address in the address field or call the banks specific number as found on their official pages, but;
WARNING; By using a trojan horse spyware, phishers can change your HOSTS file which thereby redirects specific URL's to a page of their choosing. They could copy your banks webpage and redirect you to their fake bankpage even if you wrote the exact correct address into the adress field. This means; You MUST have control over your HOSTS file.
3. Be suspicious of impersonal emails.
Phishing attacks are directed towards millions of people through email spam. The emails sent out during a phish are therefore impersonal and general, contrary to emails from your bank which are usually personal in nature. The big banks with a higher probability for hitting customers are the victims most subjected to this. Almost all big banks in the world have been subject to phishing frauds trying to reach their customers. Examples are the Bank of America, Bank of Montreal and the ANZ Bank of Australia.
4 . NEVER fill out forms in email messages that ask for personal financial
information
Typicall phishing scams or hoaxes ask for information such as usernames,
passwords, credit card numbers, social security numbers through an online
form.
Frankly speaking, the banking companies have better control over their customers
and would never ask for account information. A request for these types of
info should ring the alarm bell.
5. Be suspicious of email links. Never trust it! There are ways to "spoof
it" !
The link from the email is the key to successful phishing scamming which will send you to the phishers own internet site with an online registration of account information. If the link in question shows http://www.evilhacker.com it is likely to scare of most of its target audience.
One way the scammers have to go about this is to buy a new domain with an apparent link similarity to the bank or e-commerce it’s trying to be portrayed as. For example could a link supposed to go to the AOL account management be registered as the similar new domain; http://www.aolaccountupdate.com, of course with the text click here immediately. The phishers also have new sophisticated ways of avoiding this, like the use of security holes in explorer or so called floating windows.
6. Always ensure that you're using a secure website when submitting credit
card or other sensitive information via your Web browser
By checking the beginning of the Web address in your browsers address bar
showing "https://" rather than just “http://” would
ensure that you are using an encrypted secure website. A small chain will
also show in your browser when you are using a secure website.
WARNING: Phishers can get you to enter their own website and create a "secure link" for you to give all the information they need. They can also spoof the windows explorer to show excatly what they want by putting a window in top of the other, covering the real internet URL.
7. Regularly log into your online accounts
Having a healthy control over your banking accounts is normal good conduct.
Don't leave it for as long as a month before you check each account. Regularly
check your bank, credit and debit cards to ensure that all transactions are
legitimate. If anything is suspicious, contact your bank and all card issuers
8. Ensure that your browser is up to date and security patches applied
The Microsoft Internet Explorer browser has several security holes exploited
by phishing attacks. Download the security patches at Microsoft Security home
page, http://www.microsoft.com/security/
9. Help stop phisching by reporting "phishing attacks" or “spoofed”
e-mails to the following groups: