What is Phishing?

Phishing is the fraudulent process in which a criminal attempts to acquire sensitive information such as user names, passwords, banking and credit card details by pretending to be a legitimate business through the form of emails or instant messages. In most cases, a phishing attempt will direct a user to a fake website that mirrors the look and feel of a legitimate website.

Spear Phishing is a more refined/targeted process to gain sensitive information. A good example of Spear Phishing is a fake email sent to your email address, that contains a certain amount of your personal information to make the email look and feel genuine. For example, it may contain your name in the subject and body of the email.

Tips – Avoid Phishing Schemes

1. Do not trust email headers, they are easily forged.

2. Just as the header is easily forged, the “reply to” and the “from” email address’s can not be trusted.

3. Pay close attention to the links contained within the email. Links are just shortcuts, the actual link and what appears as text may be different. Hoover over the link and make sure that it is a website that you want to visit (Email clients will show the actual link under your cursor, and web based email will show the link on the bottom bar of your web browser). Also note that phishing scam artist’s will make the link look as close as possible to the real thing.

4. The emails quite often have official looking or duplicated logo’s from real organizations and other identifying information taken directly from legitimate websites.

5. Try to avoid filling in any forms that are contained within emails, the forms are not secure and you should never enter in any personal information.

6. Avoid phrases that are like: “Verify your account.”, “If you don’t respond within 48 hours, your account will be closed.”, “Dear Valued Customer.”, “Click the link below to gain access to your account.”.