Phishing: Security Issues in Electronic Age
by: Hanz Makmur Nov, 2010
We have all received many phishing emails. Phishing is a word used by the bad guys trying to 'fish' for your personal/confidential information. The attempt to steal your information may come in a form of falsely labeled information pretending to be from official, familiar sources like your financial institution or Rutgers. Most of these emails looks official but if you read carefully you will feel that someone is trying to get information they should not have and not need you to tell them again.
A few example of phishing email:
- Out of quota email.
In this email you are asked to click on a link where you are asked for username/password.
Some even ask you to reply via email and ask you to send them your username and password. Example:
- Asking for Password
- Financial Update
- Clickable Email
- A purchase you did not make.
Some phishing emails send you confirmation about order you did not make. In the email you would be tempted to click on a link which will ask for your username/password. This is very common especially during holiday shopping seasons.
- A friend plea for help, stolen bag, lost cash, missing passport
In this scam, you see familiar plea for help from someone you know. Everything looks real but in actuality your friend is a victim of identity theft and you become the next victim because you trust the electronics world too much.
- Business Proposal
In this scam, a business proposal that sounds to good to be true. The scammer mostly claim to have lots of money and in need of your help to send money to get him/her out of a situation.
See Advance-fee fraud for complete details.
- Update pages.
Sometimes you will receive email asking you to update your personal information "to increase security". In the email you are asked to click an update button. Examples: Fake Security Update which exloit vulnerability.
- Facebook update scam.
- Archived of Phishing/Scam
- New E-Scams & Warnings
- Fake Antivirus
When going to certain websites, you will notice that suddenly the page shows you that your machine is infected with all kinds of malware, virus and trojans. You are then invited to click on a link to "fix" the problem. The click will trigger an attempt to infect your machine! Users who run their computer with administrative access are particularly funerable to this.
- Removing Fake Antivirus
- Security Risk of Convenience
The electronic age has made many things more convenient. However this also means we start to forget that there are security risks that come with the conveniences. We have to stay vigilant and not forget to weight the risks. Example:
- Issues with GPS Convenience
- Mobile Phone
What to do:
- No one should ever ask you for username/password or other personal information unexpectedly.
- Never email your personal information.
- Never click on unexpected link no matter how official or familiar looking it is. The link may not what it appears to be, instead type the link to your browser to be sure. If you accidentally click a link, do not enter your username/password.
- Call on the phone to verify if you want to be sure the info you get is real.
- Delete the 'phishi' email.
- There are no reasons for your financial provider or Rutgers to ask you for more information via email. They should already have all personal information they need from you when you start your relationship with them. When in doubt, call them via the phone.
- When Your Computer Tricks You
- Fighting Against Identity Theft
- Information Protection Security
- FTC Videos
- How Not to Get Hooked by a 'Phishing' Scam
- Federal Reserve Frauds and Scams
- Job Scam
- Reporting Internet Crime Complain Center
- More Example of Phishing