If you have been using the internet for the last few years there are many terms that you have had to familiarize your self with. One of these terms is Phishing.
The term phishing (fishing) is a term that is used to describe the illegal attempt to obtain personal information. Usually this arrives in the form of an email that is requesting that you log into a link that was provided in the email. Usually these links will look normal; however, the link will take you to a fraudulent website that will look like the original site. This site may reflect ebay, or paypal, or your local bank that you just happen to have an account at. These sites are not legitimate sites. They are in fact illegal.
Once the target attempts to log into the fraudulent account it will pop up with an error or something to indicate that the password or user name was incorrect. It is to late, the targets login information is now provided to the thief.
The goal of this paper is to make everyone aware that it is important that we keep in mind that a legitimate site, will not ask you for your username or password. You will not get an email from your bank asking that you log into a link to verify your personal information.
If you find that you have received one of these emails. Never click on the link in the email. If your bank is “yourbank.com” and you get an email asking you to log in to verify your information. Do not use the link in the email. Instead, log in through your normal avenue. (Go directly to the webpage through your bookmarks or just type in your normal address.) Chances are you will protect your identity.
It is important to make sure you keep your software updated. Many of the new internet browsers have the ability to alert you to the fact that the webpage is a phishing site. As long as you are updating software it is important to make sure you update any antivirus and firewall software that you are running.
There are a couple of things that you need to do if you find you have received an email that might be phishing. First, you will want to contact your bank or the financial institution that is involved and try to find out if they are seeing this kind of activity being reported. Second, It is important to harvest the headers of your email. These headers will indicate where the emails are originating from. For information on reading headers you can do a Google search on reading headers. Once you have the headers and know what network it is originating from. You will need to do a whois and see if you can find out the abuse email address for the network. An example is abuse@(the ISP.Com). Every network has to have an abuse address. So it is important to make them aware of it so that they can eliminate it in a timely manner. The third thing you can do it notify your ISP (internet service provider). They will in many cases have contacts for the network that they can contact to help to get this activity removed from the network.
In today’s internet usage it is important to make sure you are running a firewall, and antivirus software. As well as making sure you are running some kind of spy ware software. It is my belief that these will best protect your computers from becoming infected.
For many years I have been working in the field of Internet Abuse as an investigator. In those years I have come to find that if your computer becomes infected. You will be best off by totally formatting the hard drive and starting your computer as if it were new. Please keep in mind if you decide to format, that you will lose all the data on your computer that you have installed since you purchased the pc. If you have installed several CD albums and you do not back them up. You will lose all of them.
