Don't get hooked by phishing scams

19/04/2006:- Identity theft is on the rise, partly due to naive Web surfers who voluntarily disclose financial information to a 'trusted' source. Don't let this be you! 

 
You're scanning through your inbox and notice a professional-looking email from your bank. It says they're verifying your online banking information, and so they ask you to click on a link and type in your login name and password.

Sounds legitimate, no?

Unfortunately, this is a case of 'phishing,' a malicious attempt by a person or program to obtain your personal information, such as banking info, a credit card number, social security number or Web passwords -- with the intent to steal your identity for financial gain.

Many Internet users fall victim to these scams as the tools used by phishers �?such as a convincing email  �?tricks the recipient into believing they are providing necessary information to a credible source.

While Canadian stats are scarce, a recent U.S.-based Gartner study from July 2005 found:

* 73 million Americans who used the Internet have received an average of 50 phishing emails in the past year, a 28 percent growth since last year.  

* From the summer of 2004 to the summer of 2005, an estimated 2.42 million U.S. adults reported losing money because of phishing attacks; financial losses amounted to nearly $929 million (U.S.).

* Fifteen percent of the 11 million Americans who have received a phishing email in the past year have clicked it.

So, how do you avoid being taken by these scams? Here's a few tips:

1. If you get an email or pop-up message that asks for personal or financial information, don't reply and don't click on the link in the email. Your bank, financial institution or credible online payment service (such as PayPal) will never ask for sensitive information via email. When in doubt, call your bank or credit card company.

2. Anti-virus software, anti-spyware software and a firewall (all of which can be free to download and use at www.download.com) can all help act as an extra line of defense from some of these malicious phishers.

3. Just to be safe, don't email personal or financial information as it's not a secure method of communication. Granted, it's not likely a person or program will read your email (billions of emails are sent around the world each day) but why take a chance? Instead, only give out information, such as a credit card number, to a credible Web site (such as Amazon.com) and look for indicators that the site is secure, such as a little lock icon on the browser's status bar or a URL for a Web site that begins 'https:' (the 's' stands for 'secure').

4. Wherever possible, forward spammed email that is phishing for information to the RCMP (e.g. http://www.rcmp.ca/scams/phishing_e.htm) or to companies, such as VISA (e.g. www.visa.ca/phishing).

 
From:   http://digitalhome.sympatico.msn.ca/LivingRoom/ContentPosting.aspx?newsitemid=cb1eedd6-571e-4026-a127-c395e2add311&feedname=MARC-SALTZMAN&show=True&number=5&showbyline=True&subtitle=&detect=&abc=abc