Phishing is a kind of fraud perpetrated on the Internet. It aims at stealing the personal information of online users such as customer ID, PIN, Credit/Debit card data, etc. by assuring certain favors in return. It’s a sophisticated con act akin to catching the fish with a dangling bait. This hi-tech fraudulence is carried out through emails and websites pretending to be genuine. Gullible people open these mails and websites unaware of the risks involved in them. Of late, phishers employ the phone for voice phishing and SMS for smishing. A friend of mine attracted by the rewards assured by a phone call, he gave the user name and vital details of his credit card to lament later for getting a bill for a huge expense that he didn’t incur.
Emails are the most common method used by the tricksters claiming as bank officials and send fake emails to the customers asking them to verify or update their account details or profile by clicking on the link provided in these mails. The link takes the customers to a fake website that looks like the original bank site with a form to fill in the customer’s information. The details so acquired will be used for fraudulent operations in the customer’s account. Such phishing sites and emails quoting the names of even the Central banks of some countries have become common thing nowadays. One can find emails advising the receiver to provide their bank details so as to remit the prize money of a sweepstake draw.
Methods to identify the Phishing sites: If the URL of a website begins with ‘https’ instead of ‘http’, it means the page is safe and secured with encryption. The majority of the fake web addresses do not contain this ‘s.’ The second method is to check for the padlock symbol in the upper right or bottom corner of a web page. This lock denotes the presence of a digital certificate for the security of the site. One can verify this certificate by double clicking the lock. The information shared by friends and relatives about their experiences with such phishing methods forms the third method. Alerts from the Internet service providers also help to recognize the fake sites and spams.
Precautions against Phishing: Carefully check the web address for its genuineness and safety by applying the above methods. Have the latest and standard anti-virus, anti-spyware, firewall, and security patches installed on your systems. Do not disclose any personal information to anyone or online queries such as phone calls or emails. Discard the emails from unknown sources.
(Author is a Ex-Banker and can be contacted on [email protected])