Safe Online Shopping: Phishing for Victims

By Michele Blandino

The impact that computers have had on the way we live and on our culture has been tremendous. In addition to allowing virtually instantaneous communication with people all over the world, computers allow us to complete a myriad of tasks including shopping and banking without ever having to leave our homes.

Computers have also impacted the way we speak; words and phrases such as “IM”, “dot com” and “hyperlink”, virtually unheard of ten years ago, are mainstays of today’s lexicon.

And, unfortunately, there is another computer-related term that is becoming all too common: phishing.

Based on its spelling, the term seems to be one that belongs in a Dr. Seuss book. Unfortunately, however, phishing is very real, and very serious.

Phishing Defined

As the name implies, phishing involves the act of attempting to lure unsuspecting people into providing personal information that can then be used to steal their identity. The “bait” is typically an e-mail that appears to have originated from a legitimate source. The recipient is told that there will be some consequence for their failure to respond such as an account termination or additional service charges and directs them to a website where personal information such as passwords, credit card numbers, social security numbers and bank account information is entered.

Who is At Risk?

Virtually anyone with an e-mail address can be a victim. Those who post on Internet newsgroups or forums are particularly vulnerable since the artists behind these scams employ sophisticated programs that scour websites in search of e-mail addresses.

How to Protect Yourself

The first rule of thumb is to never reply to a message that asks for personal information or click on a link contained within such a message. While doing so may bring you to a website that appears to be legitimate, upon further investigation you will likely find that it is a cleverly disguised danger zone.

One way to tell for sure is to open a new browser window and log into the merchant’s website the way you normally would. If there is a legitimate need to supply or update information, instructions will be provided. If you are still unsure, contact the company via telephone and let them know about the e-mail you received. They should be able to confirm its authenticity.

Because many phishing schemes bring the added bonus of harmful computer viruses, you should also make sure updated anti-virus is installed and operational on your computer at all times. The installation of a firewall is a technique that can be used to keep malicious e-mails from even making it your inbox.

For More Information:

There are a number of informative websites and articles dedicated to this practice. Here are a few:

• Anti-Phishing Working Group
• FTC: How Not to Get Hooked by a 'Phishing' Scam 
• Datamation: Phishing and Netsky Attacks
• PC World: Phishers Adopt Scam Tricks From Virus Writers