Phishing scams have rocked Internet users for some time now.
But phishing attacks especially intensified in 2004, making them a very serious emerging threat that rides on the surge of e-commerce and e-banking transactions through fraudulent means, says a study conducted by anti-virus software specialist Trend Micro.
What is phishing?
Phishing means sending an e-mail that falsely claims to be from a particular enterprise (like your bank) and asking for sensitive financial information.
Phishing is sending out a 'bait' in the form of a spoofed e-mail that closely mimics most bank notifications.
The fraudulent mail is socially engineered to convince recipients to divulge sensitive information such as credit card numbers, PIN, social security numbers and some such information, says Trend Micro.
Some phishing mails include a legitimate-looking URL that actually conceals the phishing URL, or the site where the stolen information is stored, while some include an image, which when clicked, directs the affected user to the phishing site.
There are ways to 'spoof' an e-mail so that it appears to have come from someone other than the person who is actually sending it. An e-mail can be spoofed by tweaking the settings of e-mail clients like Outlook Express, Netscape Messenger and Eudora. E-mail spoofing is a popular way of scamming online.
How to be safe
Trend Micro lists out the ways in which you can keep yourself safe from phishing scams:
- Be wary of e-mail messages that ask for personal or financial information such as user names and passwords, credit card numbers, and other sensitive personal information, especially those that are alarming and upsetting in tone.
- Do not click any links inside an e-mail that is suspected to be spoofed. Instead, go directly to the valid company's site then log on from there or call the company directly.
- Ensure that any Web site visited is secure when submitting sensitive information such as credit card numbers. One indication that a Web address is secure is if it starts with https:// rather than http://. Another indication is a padlock icon at the bottom of the screen, which when clicked, displays a security certificate.
- Ensure that your browser is up-to-date and security patches are always promptly applied. For IE (Internet Explorer) browsers, a special patch relating to certain phishing schemes can be downloaded at http://www.microsoft.com/ security/.
- Avoid opening any file attachments of suspected phishing e-mail messages as it might execute a 'malware' programme that can steal personal information.
- Consider installing a browser extension such as SpoofStick which can help detect a spoofed Web site. This utility is available at: http://www.corestreet.com/spoofstick/
- Consider installing security software such as those offered by anti-virus specialists like Trend Micro, which can help detect malware programmes (antivirus), filter spam (spam filters), and/or ensure secure Internet usage (firewalls). These kinds of software can help preempt any damage to your system and can help protect you from hackers and scammers alike.
- Knowledge is still the best protection from getting scammed. It is important to educate oneself on Internet fraud. There are several Web sites dedicated to giving free education regarding Internet fraud, one of which is Trend Micro's site on anti-phishing.
If you receive any suspicious e-mail but are unsure of what to do, there are several organisations that can help check out the e-mail for you. Trend Micro offers this kind of service free of charge.
How to find out if an e-mail is genuine
However, finding out whether an e-mail is genuine or not is not very difficult. Every e-mail message contains headers that have the following information:
Origin, which shows information about the machine that sent it,
- Relay, which shows the sender machine relaying it to another, and
Final destination, which shows the machine that receives it, the IP address and the domain name.
Check out this URL: http://www.lse.ac.uk/itservices/help/e-mailheader.htm for an example of what the different things in an e-mail header mean.
By learning how to identify what the header components are you can distinguish whether an e-mail is genuine or spoofed.
From May 2004 to November 2004 alone, Trend Micro registered a total of 9,709 phishing mails. July generated the most number of phishing mail incidence with 2,932 received samples, which is a huge leap from the total of 104 phishing mails recorded in May.
Most phishing attacks from May to November 2004 targeted Citibank, covering a little more than half of the entire phishing incidence recorded. Citibank has banking, lending, and investment services worldwide making it a prime target for these types of attack.
US Bank, one of the largest financial services holding companies in the United States, comes in second in the list of most targeted banks, with 21 per cent.
Suntrust (one of the largest commercial banking institutions in the US) and Ebay (an international online "marketplace") are next on the list with 10 per cent and 8 per cent, respectively.
Even in India, ICICI Bank, Citibank and other financial institutions have been targetted by 'phishers.'A legitimate financial institution will never ask for details of your account via an e-mail. You must never e-mail financial information over the Internet as it is not a secure method for transmitting such sensitive information.