Monday, June 16, 2008

Phishing: Example and its prevention methods

In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing attacks are not new; what is new is the method. In the past, scam artists relied on the telephone. Today, they rely on spoofed e-mail (spam), fraudulent pop-up messages, or fake Web pages to fool victims into thinking they are dealing with a legitimate business. The message usually links unsuspecting recipients to a Web site where they are asked to update or validate their account information.

Here is an example of phishing that uses the name of PayPal to collect users’ information by instructing users to open the link provided in the e-mail. (See the example on the right.)




To safeguard against phishing, users should always go to the website directly (by typing in the URL to access the site) rather than via a link in an e-mail. Besides that, individuals are advised to:

- Avoid replying to e-mail or pop-up messages that ask for personal information.

- Avoid sending personal or financial information.

- Review credit card and bank account statements.

- Use and keep antivirus software up-to-date.

- Be cautious about opening any attachment or downloading any files received via e-mail.
