Have you ever received a mail which directs you to a fake company’s website that requests for your bank account details or other credential information? If your answer is positive then you are likely to be the victim of phishing scam.
Source: iStockphoto.com/Stuart Hickling
Phishing is a common term used for e-mail fraud scam or fake text messages sent by cyber-criminals. Let us consider an example of PayPal- Online money transfer Service. PayPal has been widely accepted by users across the internet due to the ease with which funds can be transferred between accounts. But lately, according to a new report from McLean-based Cyren, Phishing attacks aimed at PayPal users increased 73% during the first quarter of 2014.
Cyber-criminals deploy various methods to trick computer users. One of the methods is to send a hoax e-mail that looks like coming from a genuine source, requesting for username and password. Another method is to send a similar e-mail that includes a link which directs the targeted user to a legitimate-looking company’s web page with a motive to obtain user account details.
In the above example, emails claiming to be from PayPal comprised of a link that takes the user to a phony log-in site. This log-in website asks for an email address, password, date of birth, address and credit card information. An identity thief uses such methods to steal user’s identity. These malicious attempts are made to gain users personal information.
Moreover, the mails that you receive as Phishing emails look exactly same like you would expect a genuine email to look with same banner color, logos and form items for you to complete. It also contains a link which will take you to a website where you are asked to enter your bank account details or your email ID and password.
This fake link which directs you to the homepage of a company or bank looks exactly same like a genuine website, but the difference is that, once you enter your details you will not be sending it to the genuine company; you will be sending it to a criminal gang. As soon as this criminal gang receives your account number and password, they will change your password to restrict your access and perform criminal activities using your account.
According to the RSA Monthly Fraud Report, 52,554 phishing attacks were identified in the month of April, marking a 24% increase from March’s attack numbers. As per the same report, over 50% of phishing attacks in March were targeted at brands in the U.S., UK, India, Italy and Canada. Amongst which, U.S. hosted 34% of global phishing attacks in April, followed by Germany, the Netherlands, and Italy.
The question is, why does the hacker need your information?
Cyber-criminals use your information to steal any crucial financial data, access your financial accounts, transfer your account balances, access your personal email account, open a new bank accounts, make purchases, apply for loans and much more. They may also use this information to exploit you financially or execute other criminal acts such as identity theft.
Hence, users of any online service, especially financial ones, should be extra cautious when logging into a site. The following preventive measures should be taken into consideration.
- Identify phishing emails, such mails are filled with countless grammatical errors and are often written in awkward English.
- Never respond to emails or messages from unknown sender that have “undisclosed recipients” in the address line.
- Do not click on the link mentioned in the mail, if required type it in another browser tab to see what it contains.
- If at all you happen to click such a link and see a request for your banking credentials or other details for any kind of verification or updating purpose, do not enter your personal or financial information.
- Be careful and avoid providing information related to your credit card, bank account numbers or passwords to any unknown site or a fake site. Most Internet e-mails are NOT secure.
- Never get carried away by genuine-looking website that contains identical looking logos, pictures and banners.
Without accurate email protection you are at great risk of being trapped. Prevent yourself from becoming victims of phishing scams, use eScan Total Security Suite with Cloud Security for Home and Small Office Edition for real-time protection to computers from, phishing and spam emails, objectionable content and cyber threats.
Get the free trial of eScan Total Security Suite with Cloud Security from here: https://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=ES-TOTAL-SEC
One Comment
Polu
There are 3 things to check, when official email comes. It is easy and I think that these things are effective. Here is an article about it: http://blogen.stickypassword.com/3-keys-to-protect-yourself-from-phishing-attacks/