All about Phishing.
Recent phishing attempts
Social networking sites are also a target of phishing, since the personal details in such sites can be used in identity theft, in late 2006 a computer worm took over pages on MySpace and altered links to direct surfers to websites designed to steal login details. Experiments show a success rate of over 70% for phishing attacks on social networks.
Almost half of phishing thefts in 2006 were committed by groups operating through the Russian Business Network based in St. Petersburg.
Tips on how to avoid the Internet scam known as phishing
- If you receive an unexpected e-mail saying your account will be shut down unless you confirm your billing information, do not reply or click any links in the e-mail body.
- Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It means your information is secure during transmission.
- If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.
- If you unknowingly supplied personal or financial information, contact your bank and credit card company immediately.
- Suspicious e-mail can be forwarded to uce@ftc.gov, and complaints should be filed with the state attorney general's office or through the FTC at www.ftc.gov.
Notes:
The term phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they "fish" for users' financial information and password data. The most common ploy is to copy the Web page code from a major site — such as AOL — and use that code to set up a replica page that appears to be part of the company's site. (This is why phishing is also called brand spoofing.) A fake e-mail is sent out with a link to this page, which solicits the user's credit card data or password. When the form is submitted, it sends the data to the scammer while leaving the user on the company's site so they don't suspect a thing.