We all have probably heard the term "phishing". Simply defined it's the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.
A recent study from Cisco suggests that there are over 360 million "phishing" emails being sent out every day around the world. How many of these are from Nigeria, we can't say for sure, but what can be stated is that a percentage of those receiving these emails will open them and give away their information. The main reason this will happen is because the user has not been trained to identify what is a "phishing" email. They may receive an email from Citicorp, or eBay, or PayPal, and maybe even the director of the FBI asking for personal information about their account. Unknowingly, they will provide this information, and within hours their identify can be stolen or information used to delete their savings accounts.
Even more diabolical is "spear phishing". This is targeted "phishing" against companies, specific individuals, and governments to gain access to specific areas requiring secure entry via password or account information. Again, the receiver of the email may assume it is from within their company or IT department and provide the information requested...compromising their firm.
Fortunately there are programs available to help train individuals to recognize these cyber theft scams. By taking a few minutes out of the day, these training programs can help you learn what is or is not a suspicious email... and perhaps save your identity or corporate data.
And should you fall into a "phishing" trap, where you suspect your identity may have been compromised, immediately contact your local authorities, bank and credit card companies, as well as the Federal Trade Commission.
0 comments:
Post a Comment