Phishing

Phishing(fish for information) is one type of criminal activities which use social engineering technique attempt to trick people in order to get the personal sensitive information such as account username, password, credit card information fraudulently through the internet.

User receives an e-mail that is pretend a true company or bank like paypal, ebay, HSBC bank and etc sent by phisher. In the e-mail, it provide link to a fake spoof websites. The users feel that they are login in to the real company or bank’s website. The user unknowingly provides the personal information to the phishers.

Some identification of phishing mail:

1."Dear customer"- normally,if the company or bank send to you,they will use your full name.

2. most companies wouldn't ask or confirm personal information through the e-mail or phone.

3.most companies wouldn't require customers to reply in a short period.

4.you can type the company's website yourself , it is more safety than click the link in e-mail.

5.e-mail maybe in poor grammar or misspelling.

Some latest examples:

prevention methods:
1. Use firewall, anti-virus and anti-spyware software to protect your computer system. Some phishing e-mail contains virus, trojan, other threats.
2.To ensure your browser, system software and other applications have the latest security updates available. it can reduce the risk.
3.alert the address of the page should start with "https://" not just "http://" and the Lock icon should be displayed in the browser's status bar.
4.Don't want click on the link in the e-mail which is to access banks or companies' websites in order to login in with personal information.Eg. passwords, username
5.Use anti-phishing software which can disable all links in suspected phishing emails or can check with some websites help you to determine whether it is a phishing mail.


Some reference websites:

http://anti-phishing.org/

http://www.millersmiles.co.uk/