Identifying Phishing and Email Scams

Identifying Phishing and Email Scams

We, being a daily user of the World Wide Web are inclined to the con games of the Internet. Ignorance, bewilderment, confusion, bafflement and lack of enough knowledge can be the cause why frauds becomes more aggressive on promising competent services;  while they secretly stealing all the information needed such as your account numbers and passwords. Don’t be fooled with those convincing email and web pages!

This article will help you recognize Phishing and Email Scams. To start with, let us define what truly a Phishing Scam is. Phishing is a process or an attempt to acquire all the information they will require such as usernames and passwords, your credit card details by disguising as creditworthy entity via electronic communication. Communications proposing to be from some social web sites, online payment processors or some auction sites.  Typically, phishing can be implemented by email spoofing and instant messaging. And will point the users to enter their details on some fake websites that are very similar to those legitimate one. It is also one good example of Social Engineering or a way of falsifying people from executing actions or exposing confidential information. It is used to mislead users and employ piteous usage of current web security technology.

The term phishing is identical and derived from the word “Fishing” that is most likely influenced by “phreaking” referring to “baits” that is being used with a hope that the potential victim will “bite” or click and open the malicious links and attachments, in any cases that the personal account information may be stolen without realizing it.

The Fraudsters (a term for those people who is behind this phishing and email scam) use several methods to entice or attracts the recipient to open or click on the link that the fraudsters provided.

The following methods that they usually include on their phishing letters are:

1. Deceptive Subject Line

This tends to have a subject line that is appealing and somewhat related to the recipient.  Sample subject line that includes: “Important notice for all Internet Banking Users”. Fraudsters also tend to change other letters into numerals to bypass SPAM filters such as “I” that will be replaced by “|”. They sometimes misspell the key words in which people will hardly recognize when looking at the subject line.

2. Forged Senders Address

Forged Senders Address is an easy beguilement method. Here, the recipient cannot guarantee that the sender’s address is true, correct or genuine.  Phishing Scam Mails usually has a forged sender’s address that will appear as if the email has come from a honourable company that the fraudsters is claiming to be.

This image consists of a subject line with forged senders address and links and also, the page has the same content as the original one.

3. Genuine Looking Content:

In order to convince the recipient, the fraudsters utilize the same images and the style of the text that is being used when sending the scam mail, on the legitimate web page to present that the email they sent is genuine. Most consumers are easily fooled by those fraudsters because they used the same bank logos on their emails. Trusts are being copied as well as the Authentication marks.

4. Disguised Hyperlinks

This is used as another attempt to make a fool on the recipient.  When using an HTML emails, it can display a genuine URL but if the recipient clicks on that link, they will re-directed to other web site.  When using a text only emails, a very long URL will have an “@” sign before the factual web site. The link will take the recipient to www.fraud-site.com. The link can easily be compare to the original web site since it begins with the original web site URL and contains correct looking words in the link.

5. Email Form

An Email Form is a form that the recipient or the consumer may need to enter all their personal and account information wherein there is a “submit”, “send” or “update” button below. The forms used a script that is located on the remote server that will store all the information on the fraudster’s database or forward the entire consumer’s information to the fraudster’s lists.

The methods above are being used by a more composite phishing emails. However, there are some amateur phishing emails that comprises with wrong spelling and grammar, no images sent, or even an effort to suppress the URL.

How can you avoid or protect yourself from Phishing?

Preventing scams is virtually out of the question. I included some precautionary steps to consider in avoiding or get rid of those phishing and e-mail scams. The following are:

1. Do not just click on every Hyperlinks included in your emails.
2. Always use Anti-Spamming Software.
3. Always turn your Anti-Virus on.
4. Customize your Personal Firewall.
5. Always update all the software including your Operating System and Browsers.
6. Ensure that the website you are looking has a padlock and starts with “http’s”.
7. Always scan and clean your computer for possible spywares.
8. Develop and educate yourself on Fraudulent Activities on the net.
9. Always check your Credit Report.
10. Seek for Professional’s advice regarding phishing and what to do when you’ve been baffled by fraudsters.