I consider myself fairly cautious about Internet security, but I was still nearly caught off guard by a phishing effort aimed at me a couple of years ago.
I had gone online, as I routinely do, to check my bank account balance, and make sure nothing looked amiss. I logged out and returned to my work. A few minutes later, I received an e-mail — apparently, from my bank.
The message had my bank’s logo, and said the bank was following up on a possible problem with a transaction. Could I please reply, it asked, with some additional information?
Normally, I would immediately delete such an e-mail — but I had been online with my bank just minutes before. Could it be a coincidence? I hesitated, and decided to contact my bank directly to check. It turned out that the e-mail wasn’t from my bank, but most likely from some sort of fraudulent outfit trying to get information to obtain access to my account.
Such ploys are known as “phishing,” in which fraud artists pose as legitimate companies to try to get you to reveal important personal information, like account numbers, passwords or even your Social Security number. Such information can be used to get into your accounts, or create fake identities to apply for credit in your name.
Since I got the suspicious e-mail, phishing attempts have become more sophisticated, according to the Consumer Federation of America. The fraud artists are now better at aiming their efforts. Instead of sending e-mails randomly, they may look for an employee’s e-mail address on a company Web site and send messages that appear to be from the employer.
The federation, with backing from Visa, has put together an updated tip sheet on how to avoid phishing scams.
Tips include these:
– If you are contacted by someone asking for personal or account information, think about why they would need it. If it’s an organization you already doing business with, they should already have such information.
– Be wary of clicking on links or attachments in unsolicited e-mails. The links could take you to a rogue Web site, in an effort to have you enter personal information.
– Watch out for phishing by phone, in which callers ask you for personal information for illegitimate purposes.
Visa also offers advice about identifying fraudulent e-mails on its “Fraud News” site.
For examples of phishing e-mails, you can go to Cornell University’s “Phish Bowl” Web site.
Have you ever received an e-mail that seemed to be a phishing effort? What happened?
Article source: http://bucks.blogs.nytimes.com/2013/05/20/tips-on-avoiding-phishing-frauds/?partner=rss&emc=rss
Speak Your Mind
You must be logged in to post a comment.