The Dangers of Phishing

Phishing is one of the biggest problems on the internet today, and has led countless numbers of people to giving their personal information away to someone with malicious intentions. In case you haven’t heard of it yet, here is how it basically works. Skilled hackers build duplicates of popular web sites in order to trick you into logging in. Then, with your password, they can log into your real account and cause all sorts of mischief.

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information?  The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number.  You recognize the business name as one that you’ve conducted business with in the past.  So, you click on the convenient “take me there” link and proceed to provide all the information they have requested.  Unfortunately, you find out much later that the website is bogus.  It was created with the sole intent to steal your personal information. You are a victim of phishing.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business.  The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not as easy as you think to spot an email phishing for information.  At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail.  The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

For example, the most popular phishing scam involves a duplicate of PayPal. Instead of displaying “paypal”, it would display “paypa1”. Our eyes would get easily tricked when we look at the browser window. With your account information, hackers can empty your account of money, or conduct more complex scams hiding behind your identity.

In order to avoid being a victim of phishing, you should learn about how URLs work. URLs are, of course, the addresses of the sites that you visit. A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer.  The actual website address to which you are being directed will show up for you to view.  It is a very quick and easy way to check if you are being directed to a legitimate site.

Usually phishing sites will show URLs that look similar enough to give you confidence. You should always look very closely. Say you want to make a transaction on a site called YourBank dot com. You should check the URL at the top of your browser and make sure that it says “http://www.YourBank dot com” (the www is optional) followed by a forward slash, followed by whatever information the site requires. If it says something like “YourBank dot comiaj3k1.org”, you can see that it is a false URL.

In addition to this basic knowledge of URLs, you can also install some sort of software that will keep an eye out for you. Modern browsers such as Mozilla Firefox, Edge and Internet Explorer have built-in phishing protection. These programs run off of a list of reported websites, and also have filters that will look for certain characteristics of the URL and alert you if it appears suspicious. So, if you don’t already have a program like this, then you should consider getting one for your own safety and privacy.

Finally, follow the golden rule.  Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser.  At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

The modern internet has brought us many conveniences, from chatting online to buying groceries online. But as with anything, some people will try to take unfair advantage of the situation. So, while you are enjoying the benefits of technology, you should also keep on the lookout for attempts to steal your personal information. If you get involved in a phishing scam, it can be a real pain to get sorted out.