The Sydney Morning Herald has a fascinating article today about phishing and clever attempts to relieve us of our login and password details, especially related to any system which has access to money.

“Viruses, worms and trojans are yesterday’s problem,” he says. “We expect to see more social engineering techniques rather than brute-force system-busting.”
Symantec’s Asia Pacific vice-president David Sykes says con artistry rather than technical trickery has become the most potent weapon in a malicious hacker’s arsenal. “… in the first six months of 2006 Symantec detected 157,477 new unique phishing attacks, an increase of 81 per cent on the same time last year.”

Wondering what ‘phishing‘ is? Have you ever received an email supposedly from your banking institution telling you there’s ‘been a breach of security’ and you need to ‘login and confirm details’? Or have you received an email from PayPal or eBay saying something similar?

This attempt to get us to click a sneaky link in the email, and head off to a website which LOOKS like one of these companies, is called ‘phishing’.

I like to think of it as being very similar to real fishing - you bait the hook, you dangle the line, and there’s always some unsuspecting wide-eyed newbie who’ll take the bait. Bingo! You’ve just netted yourself a new fish [or bank account or credit card or login & password details].

Many organisations now have specific departments to deal with this. I love PayPal - they set up an email name – spoof@paypal.com – where you can forward the suspicious emails. They investigate the sneaky links embedded within the email, and then get back to you confirm your suspicions. PS – Paypal now has an early warning detecting service for your account – read more here.

How to avoid the nastiness of being ripped off?

  • NEVER click a link in any email if you don’t know the sender.
  • NEVER click a link in any email from any financial institution [bank, credit union, PayPal, eBay] when it asks you to ‘confirm your details‘ in any way, shape or form. None of these places will ever ask you to do that.
  • NEVER open or double-click an attachment [in a suspicious email] – document, pdf, photo or image of any kind – if you do, you may launch a virus, or worse, a keystroke tracking program which will track every single keystroke you make … and then send it BACK to its owner … who then has your bank etc login and password.
  • NEVER give out any of these details over the phone, always ask for the person’s name, company and phone number and say you’ll call them back in a minute or two. Then you can ring the Head Office and see if this is ‘normal practice’.

Sound scary?

Of course it is, but being forewarned means you’re prepared – just because it arrives as an email with your name on it doesn’t mean it’s not an attempt to rip you off.

Remember – stay calm if you get one of these emails – do NOT click anything inside it. Pop over to the website for that company, look for Help or Contact Us pages, and you will probably find information on suspicious emails, and who to report them to. We all must report these, and forward the original email so these nasty people can be tracked and caught.

Be cautious and you have nothing to fear.

Ciao for now,
Teena!

About the author

 Lets go PHISHING   dont hand over your login and password! Hi, I'm Teena Hughes and I'm a techno-geek who loves the internet, technology and the fast pace of exciting new innovations. I love to share my knowledge and experience with others by helping them create their websites, build an online presence, become an expert in their field by using techniques like SEO, video marketing, online & offline marketing and many other groovy tools :-) If you'd like some help or to be pointed in the right direction, contact me today - I'd love to chat and to offer help in an easy-to-understand way, with easy-to-follow instructions and guidance.
Teena Hughes & BuildAWebsiteTonight on Google +
BuildAWebsiteTonight on Facebook
BuildAWebsiteTonight Youtube Channel

pdf Lets go PHISHING   dont hand over your login and password!Download Article Post to PDF
share save 171 16 Lets go PHISHING   dont hand over your login and password!