Phishing is a term used to describe the act of acquiring information (credit card numbers, usernames, passwords, etc.) by groups or individuals posing as legitimate and trustworthy entities.
What makes this different from regular theft is that it’s done through electronic communication—usually through email or instant messaging. It can also be achieved by creating fake sites or programs that seem real. Some are actually pretty convincing copies of popular pages.
Who's Behind Phishing?
Many offenders assume the role of someone users can trust: bankers, IT administrators—anyone you might share sensitive information with. Some use websites or other programs that seem real enough but are designed only to mislead users and record their information once they enter it or attempt to sign up/log in. Another popular method of phishing is sending emails regarding orders that buyers may not have even placed. Wanting to cancel or withdraw the payment they think they’ve made, users then give their information to what they believe is the store’s website, only to have it stolen.
It’s not just gullible individuals that have been the victims of phishing, major companies and corporations have also had run-ins with these cyber-criminals. Nearly a year ago, Target had 110 million customer records stolen, including shopper’s credit card information, through a phishing scam. Yikes. The CEO and IT security staff were subsequently given the boot. Home Depot also had data from all 2,200 stores taken and put up for sale on a website for hackers. It was later confirmed that phishing was the cause of the security breach.
How Can Users Avoid These Traps?
The best way is to stay vigilant. Always check—double check—any page, e-mail, message, or anything that seems suspicious. If you’re unsure, contact the company or entity in question and discuss your concerns. Remain cautious of spam emails, make sure sites are secure before sharing your information, and don’t click or download anything from an unknown sender. Protect your computer with whatever you can—firewall, spam filters, anti-virus, etc. Check your bank statements or online accounts with frequency so you can be sure that no unauthorized transactions have been made.
Now that you know what to watch out for, stay safe, play it smart, and don’t get phished!
