Phishing: Examples and its prevention methods

Fishing Phishing is a scam in which the attacker sends an email purporting to be from a valid financial provider. The email often uses fear tactics in an effort to entice the intended victim into visiting a fraudulent website. Phishing (fake) emails are made to look like they are from legitimate companies but are actually from identity thieves.

These emails warn you of account problems or other urgent issues in order to trick the victim into clicking through to a spoof website. The victim is instructed to login to their account and enter sensitive financial information such as their bank PIN number, their bank account number and so on. This information is then surreptitiously sent to the attacker who then uses it to engage in credit card and bank fraud.

Many of these phishing email appear to be quite legitimate. Don't be a victim. Look over the following examples of phishing scams to familiarize yourself with the clever techniques used.

SunTrust phishing email

The following example is of a phishing scam targeting SunTrust bank customers. The email warns that failing to comply with the instructions may result in account suspension. Note the use of the SunTrust logo. This is a common tactic with "phishers"who often use valid logos they have simply copied from the real banking site in an attempt to lead credence to their phishing email.

eBay phishing email

As with the SunTrust example, this eBay phishing email includes the eBay logo in an attempt to gain credibility. The email warns that a billing error may have been made on the account and urges the eBay member to login and verify the charges.

The following includes some of the methods of prevention:

1. Don't trust email headers, which can be forged easily.
2. Avoid filling out forms in email messages. You can't know with certainty where the data will be sent and the information can make several stops on the way to the recipient.
3. Verify the legitimacy of a web address with the company directly before submitting your personal information.
4. Check to see if there is an 's' after the http in the address and a lock at the bottom of the screen that indicates the link is secure and encrypts data.

If you believe you have been the victim of fraud, contact your financial institution immediately via phone or in person.

Lastly, if you think you are expert enough on this topic, kindly take this little quiz to challenge yourself. Good luck! :)

Resources from around the Web

• Phishing - Wikipedia, the free encyclopedia
  Explains some common phishing methods and dangers.
  
• Anti-Phishing Working Group
  Provide a resource for information on the problem and solutions for phishing and email fraud.
• OnGuard Online - Phishing
  Offers advice on how to spot, avoid and report phishing attacks.
• Recognize phishing scams and fraudulent e-mails
  Learn more about how this scam works and what a phishing e-mail message may look like.