MSN Home  |  My MSN  |  Hotmail
Sign in to Windows Live ID Web Search:   
go to MSNGroups 
Groups Home  |  My Groups  |  Help  
 
Staying Safe Onlinestayingsafeonline@www.msnusers.com 
  
What's New
  Join Now
  Introduction  
  Lest We Forget  
  Code of Conduct  
  Messages  
  ____________  
  Child Safety  
  Adult Safety  
  Online Dating  
  Personal Pages  
  Cyberbullies  
  Harassment  
  Face to Face  
  Social Engineering  
  Online Petitions  
  ____________  
  Top Ten Complaints  
  ____________  
  Hackers  
  Passwords  
  Spyware  
  Backdoors  
  Viruses  
  Antivirus  
  Hoaxes  
  Phishing  
  Firewalls  
  Spam  
  Keystroke Loggers  
  ____________  
  Abbreviations  
  Netiquette  
  ____________  
  Documents  
  Pictures  
  Helpful Links  
  ___________  
  Copyrights  
  Bandwidth Theft  
  ___________  
  Hide your email  
  Upgrade Information  
  ___________  
  ____________  
  Promotional Coding  
  Promotions  
  Details  
  
  
  Tools  
 

Staying Safe Online
Phishing Scams

What is Phishing?

Many people are receiving what are called "phishing" attacks in their email these days.  It's another type of hoax email with a more sinister purpose.  These types of hoaxes are designed to fool you into giving up very sensitive personal information like your bank account numbers, PIN numbers, credit card numbers and expiration date, Social Insurance numbers (Social Security number for Americans), your real name in full, address, phone numbers, driver's licence information, etc.

How Phishing Works 

A phishing hoax works like this:  You get an official looking email which is supposedly from a bank (it could be your bank or one that you don't deal with) or another company that handles financial transactions (like Paypal, or Ebay).  A large amount of money is going to be withdrawn from your account unless you go to their site (with the link helpfully provided) and fill out the form provided.
 
If you click on the link, it will take you to a site or a pop-up window that looks almost exactly like the company's real site with actual logos that are stolen from the real website.  These are known as "spoofed" websites.  The form provided asks all sorts of information about you, your account number, and any other important information about your account and any other accounts you hold.
 
Here is an example of a spoofed site:

 
 
This is what the real site actually looks like:

 
 
It's pretty hard to spot the difference - impossible if you have never been to the company's website before.
 
Unfortunately many companies make it easy for scammers to spoof their sites.  Most web designers know how to prevent people from right-clicking on logos.  But many sites are still not using the technology.  Here is a logo that was easily captured from a legitimate site (used for illustrative purposes only).   If I can capture that just by doing a right-click and save as, then it kind of tells you how easy the companies are making it for the scammers.
 
The Consequences of Falling for a Phishing Scam
 
Once you enter that information, the scammers can use that to empty your bank accounts, apply for credit cards, rack up charges, apply for driver's licences, rent property (and not pay the rent) under your name.  Basically they can recreate your whole identity and use it for illegal purposes leaving you with the headache of proving to credit bureaus, banks, law enforcement officials, etc that it wasn't you that commited the crimes.
 
How to Protect Yourself
 
The best way to protect yourself is by knowing what to look for.
  • If you get an email that is supposedly from a bank, or online store or other website that deals with financial transactions be suspicious.  Have they ever contacted you by email before?  If they never have in the past, why would they start now? 
  • The first thing to look for is how they address you.  If they are for real they will usually address you by your real name (or the name that you have given them).  A real email will usually not address you as "Dear Customer"
  • Is a reply required "immediately"?  A scammer likes to scare people into reacting before they have a chance to think about the situation.  Be suspicious of anything that says that if you don't reply "right away" you are going to lose a great deal of money.
  • Are they asking you for your passwords, account numbers, credit card numbers, social security numbers (or SINs)?  Ask yourself "Why?".  Companies that you have dealt with have all that type of information in their files.  They will never need you to give it to them in an email.
  • Regularly check your bank, credit card and other accounts.  If there are any charges there you don't think are legitimate notify your account providers immediately.
  • Don't use the links in an email to get to a website, especially if you think that the email is not for real.  Often the links will take you to sites that will attack your computer.  (I had this happen to me when I was researching a phishing site for an article I was writing.  I clicked the link and they tried to download a keystroke logger onto my computer.)
  • Make sure you have the latest updates for your browser and operating system.  If you do accidently click on a link, it might offer you more protection than outdated versions.
  • Always make sure you are using a secure website anytime you enter information like credit card numbers online.  The way to check if a website is secure it to look at the beginning of the Web address in your browser's address bar.  A secure site will start with "https://" not "http://"
  • If you receive an email from a company that makes you nervous, then get on the phone to them, or visit them in person if you can to find out if it is legitimate.

For more information:

http://www.antiphishing.org/consumer_recs.html

http://www.microsoft.com/athome/security/spam/phishing.mspx

http://www.visa.ca/en/personal/shop_protect_email.cfm

[What's New] [Code of Conduct] [General] [Child Safety] [Adult Safety] [Cyberbullies] [Personal Pages] [Harassment] [Social Engineering] [Hackers] [Passwords] [Spyware] [Backdoors] [Key Loggers] [Viruses] [Anti-virus Software] [Hoaxes] [Firewalls] [Spam] [Abbreviations] [Netiquette] [Copyrights] [Bandwidth Theft] [Promotional Coding
Notice: Microsoft has no responsibility for the content featured in this group. Click here for more info.
  Try MSN Internet Software for FREE!
    MSN Home  |  My MSN  |  Hotmail  |  Search
Feedback  |  Help  
  ©2005 Microsoft Corporation. All rights reserved.  Legal  Advertise  MSN Privacy