What is Phishing?
Here's a definition of Phishing from Wikipedia:
Phishing: The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
The e-mail may direct the user to visit a web site or ask for a reply by email where they are asked to update personal information, such as passwords, credit card information, social security numbers, and bank account numbers that a legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information. Often times, a phishing attempt message is full of grammatical and spelling errors and is sent from an unknown or invalid email address.
Identify theft can be devastating to the victim and is difficult, costly, and time-consuming to fix.
You can protect yourself from online identify theft by following these practices:
- Never giving out personal information such as social security number, driver's license number, bank account information, date of birth, or any other personal information requested by an email or a pop-up message.
- Keep your anti-virus and anti-spyware software up-to-date.
- Never open attachments (.zip files, photos, or executable files) unless you're sure that the sender is trusted.
- When using the Internet for commerce, only do business with companies that you know or can verify by calling on the phone. They should also be able to provide you with a real street address, not just a post office box.
If in doubt, "Google" the business name. You will undoubtedly find out quickly if they are a scam. No results are also a tip-off to be careful.
- If you choose to purchase something through the Internet, make sure that the "lock" symbol appears on the lower right hand corner of your browser screen when information is being entered. This means that the information is being sent with an encryption scheme that only your computer and the recipient's computer should understand.
- Check your bank statements and telephone bills regularly for irregularities. Even small unexplained transactions to your account should be questioned to bank officials. Even if an identity thief only removes $0.50 from your account, be concerned. They are doing it to thousands of accounts and it is real money.
To help the Lawrence Tech community recognize a legitimate email message, please remember that messages sent from Lawrence Tech IT Services will always be signed by name. And we will never ask you to send personal information in an email message.
In addition, now that our email service has moved to Google Apps for Education, individual email storage capacity is 7 GBs. The likelihood of running out of email storage is extremely low. Any email message which indicates that you are over your email storage quota is almost always a phishing attempt.
There are many web sites which can help explain phishing tactics and what you can do to protect yourself. For more information, look at these sites:
The Federal Trade Commission, FTC Consumer Alert: