Phishing - How big of a threat is it? Learn more to keep safe

Over just a few weeks, I received e-mail messages from several banks warning me that my online banking services were in danger of being deactivated, from Liberty Reserve telling me that I needed to change my password, from Paypal warning that I need to validate my login info, from an airline offering me the opportunity to earn a quick $50 for filling out a survey and from the Red Cross asking me to contribute money to help earthquake victims in China. These messages were all very convincing and looked authentic. Except for the Liberty Reserve message, however, they were all fraudulent e-mails known as “phish.”

Phish e-mails are constructed by con artists to look like legitimate communications, often from familiar and reputable companies, and usually ask victims to take urgent action to avoid a consequence or receive a reward. The desired response typically involves logging in to a Web site or calling a phone number to provide personal information. Sometimes victims need only click on links or open e-mail attachments for their computers to become infected by malicious software—known as MALWARE—that allows phishers to retrieve the data they want or take control of the victim’s computer to launch future attacks. The entire purpose of a typical phishing scam is to get the recipient to provide personal information. If you receive any unsolicited email that asks you to click a link and provide sensitive personal information, then you should view the message with the utmost suspicion. It is highly unlikely that a legitimate institution would request sensitive information in such a way. Do not click links or open attachments in such messages. Do not reply to the senders. If you have any doubts at all about the veracity of the email, contact the institution directly to check.

This article focuses primarily on email based phishing. However, it should be noted that phishing attacks on social networking sites are also becoming more common. Scam messages may be posted as comments or via personal message systems on social networking sites such as Facebook and MySpace. The messages often contain seemingly innocent invitations to click an included link to view images or read member profiles. However, clicking links in these bogus messages will open a fake version of the social networking site's login page. Victims who login to the fake page will be inadvertently sending their login details to scammers who will then have complete access to their accounts.

Although the details of phishing scams can vary, the result is usually the same: the criminals use the information obtained from unsuspecting victims to break in to their accounts and steal their money or identities, or both. Generally speaking, people become victims of phishing scams simply because they do not know how such scams operate. You can help by ensuring that friends and colleagues are aware of such scams and what to do about them. The power of such "word-of-mouth" education is substantial. You CAN make a difference by sharing your knowledge of phishing scams with friends, family and other Internet users.

To learn more about phishing and the latest tactics, CLICK HERE.