| Protect your identity: Phising and Pharming |
Using a variety of malicious methods, phishing and pharming are a consistent problem that threatens everyone with identity theft. If
you recognize what these methods are and how malicious users employ them, you can keep yourself and others from becoming
victims.
Phishing involves sending an e-mail that claims to be a legitimate business in an attempt to scam the user into surrendering private
information. Pharming involves the same goals with a different method; malicious users employ spyware, keyloggers, domain
spoofing, domain hijacking, or domain cache poisoning to obtain personal or private (usually financial) information. To put it bluntly,
criminals try to steal your identity by getting you to divulge financial data such as credit card numbers, account usernames,
passwords, and social security numbers. They sell this information, and it then becomes an identity theft crime.
The primary method for this crime is to send e-mails that look like valid correspondence coming from a bank asking users to click the
link provided and log into their account for some type of important information. But your bank and other institutions where you do
business don’t work this way. They may send you an e-mail and ask you to review or verify information. However, they don’t send
links to a Web site. You already do business with them, and they know you don’t need the link to the Web site. If you click that link,
one of two things is going to occur. It could download spyware onto your computer, which will then capture your personal information
and send it to the criminals. Or, the link will direct you to a Web site that looks and feels like the site you expected — but it’s actually
just a front to collect your login information to help the criminals harvest your personal information.
To protect yourself and others against phishing and pharming schemes, here are four rules to live by:
Rule 1: Stop clicking links in e-mails that direct you to your bank or a financial institution. Stop filling out forms sent to you by your
bank or financial institution. If you want to visit the site to see if you need to confirm/update/verify your account, open up a browser
and type the link or retrieve it from your favorites.
Rule 2: If you suspect an e-mail is part of a phishing scheme, report it. Report it to the financial institution, the FTC, and the Internet
Crime Complaint Center.
Rule 3: Update your browser, your antivirus software, and any other security software. The latest versions of such software have
phishing filters that detect attempts and warn you if it suspects you’ve surfed to a site that isn’t legitimate.
Rule 4: Stop using public computers to access private information. Internet kiosks at hotels and other business are convenient but
often have Trojans and keyloggers installed that collect and transmit your information to the criminals. Access personal and financial
information only from a computer you trust to be free from these evils.
you recognize what these methods are and how malicious users employ them, you can keep yourself and others from becoming
victims.
Phishing involves sending an e-mail that claims to be a legitimate business in an attempt to scam the user into surrendering private
information. Pharming involves the same goals with a different method; malicious users employ spyware, keyloggers, domain
spoofing, domain hijacking, or domain cache poisoning to obtain personal or private (usually financial) information. To put it bluntly,
criminals try to steal your identity by getting you to divulge financial data such as credit card numbers, account usernames,
passwords, and social security numbers. They sell this information, and it then becomes an identity theft crime.
The primary method for this crime is to send e-mails that look like valid correspondence coming from a bank asking users to click the
link provided and log into their account for some type of important information. But your bank and other institutions where you do
business don’t work this way. They may send you an e-mail and ask you to review or verify information. However, they don’t send
links to a Web site. You already do business with them, and they know you don’t need the link to the Web site. If you click that link,
one of two things is going to occur. It could download spyware onto your computer, which will then capture your personal information
and send it to the criminals. Or, the link will direct you to a Web site that looks and feels like the site you expected — but it’s actually
just a front to collect your login information to help the criminals harvest your personal information.
To protect yourself and others against phishing and pharming schemes, here are four rules to live by:
Rule 1: Stop clicking links in e-mails that direct you to your bank or a financial institution. Stop filling out forms sent to you by your
bank or financial institution. If you want to visit the site to see if you need to confirm/update/verify your account, open up a browser
and type the link or retrieve it from your favorites.
Rule 2: If you suspect an e-mail is part of a phishing scheme, report it. Report it to the financial institution, the FTC, and the Internet
Crime Complaint Center.
Rule 3: Update your browser, your antivirus software, and any other security software. The latest versions of such software have
phishing filters that detect attempts and warn you if it suspects you’ve surfed to a site that isn’t legitimate.
Rule 4: Stop using public computers to access private information. Internet kiosks at hotels and other business are convenient but
often have Trojans and keyloggers installed that collect and transmit your information to the criminals. Access personal and financial
information only from a computer you trust to be free from these evils.
