What is Phishing?

July 29, 2008

Phishing scams are also a big problem. A good example is when someone sends an email that appears to be from your bank, but when you enter your information in the fake web form, the scammers steal your data.

Another definition describes it as a form of social engineering, characterised by attempts to fraudulently acquire sensitive information, such as passwords, or credit card information.

According to Symantec, these are the ways to protect yourself from Phishing attacks…

  • Be wary of emails asking for confidential information—especially of a financial nature. Legitimate organizations will never request sensitive information via email.
  • Don’t get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
  • Familiarize yourself with a Web site’s privacy policy.
  • Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them.
  • Never submit confidential information via forms embedded within email messages.
  • Never use links in an email to connect to a Web site. Instead, open a new browser window and type the URL directly into the address bar.
  • Maintain effective software to combat phishing. [many anti-virus programs now] automatically detect and block fake Web sites. They may also authenticate major banking and shopping Web sites.

Online Banking

June 1, 2008

WiFi (wireless internet) can be dangerous, but so long as your doing your banking with a reputable bank, and they use an SSL Page that’s secured (you’ll see a little lock icon in the bottom right of your browser if the webpage is secured, it’s completely safe as it’s encrypted. The stuff that is not encrypted can however be seen by anyone in the area. One area of trouble are email passwords. Most email passwords are sent in the clear.


A solution to this is using a program such as AI Roboform, in which you enter your login and password, and Roboform stores the information in an encrypted file, which it auto-fill the information from that point once you enter a master password.