You are the winner of 1 lakh pounds, respond immediately. These kinds of mobile messages and emails are common now. What is the intention behind this? Most people believe that these are funny messages. Nobody gives you money as a free gift. These are Phishers sending you fraudulent messages for trapping. When you click the link provided in the email, you will be in trouble. The Phishers usually prompt you to reveal the online bank transaction details. Phishing (It is similar to Fishing and fish trapping) is the high tech form of Internet piracy in which the phisher steals the personal and confidential informations like bank details, password, credit card number etc. This is a kind of Social engineering in which the phisher manipulates the people into performing actions by taking them into confidence.
Phishers use the information collected to withdraw money from the victim’s account or run up bills using the credit card. Phishers take the advantage of the software and security weakness of the account holders. Since the user keeps the account number and other bank details secrete, the phisher uses tricks to get it from the user. Email spoofing is the common method used by the phisher. Spoofing is the term used to indicate Spam and Phishing emails that hide the details of its origin. Although these emails have sender address, they are coming from a different source which can be of malicious origin. Sometimes the Spammer gives his address in the reply to field so by giving the reply, the spammer will track the details of the email.
To prevent phishing, the banks warn the customers to keep vigilant during online transactions. They do not send messages or email alerts to update the personal details or reset pass word. Secure online sites are provided with a lock icon. Always enter into the website of the bank by typing the URL in the address bar. Do not click on the typed in address already in the address bar. Always ensure that the opened page contains https:// and not http://. Before opening the account, ensure that a lock icon is present at the right part of the bottom of browser and a verification certificate of the bank authority.
Let us see how phishing occurs and the way to escape from it.
How Phishing occurs?
Phishers use both technical subterfuge and social engineering methods to steal the personal identity and datas of bank transactions. The routing towards Phishing is as follows:
1. The Phisher sends a fraudulent e mail which looks like a genuine email from the bank.
2. In the email, the phisher invites the client to go to a hyperlink provided in the email.
3. When the hyper link is clicked, the customer will be directed to a fake website which looks like the genuine bank web site.
4. The phisher advice the customer to update the password, bank account number, personal details etc through the fake web site.
5. When the customer submits the details, he will get an error page and the customer is Phished by a stealer.
How to Protect Bank accounts?
Phishing attempts usually occur through fake emails. So it is better to understand the way to protect the bank details.
1. Do not click or open any unexpected email from an unknown source.
2. If you get a suspected email, do not click the hyper links provided along with it. It may contain malicious codes for Phishing.
3. Do not reply to such fraudulent email and delete it immediately.
4. Ignore and close all unwanted pop up windows that appear during browsing.
5. Do not reveal the password or secrete pin numbers in internet or mobile phone.
6. Always keep the pin number of credit and ATM cards secret and do not reveal the same to any person.
7. Always enter into the website of the bank by typing the URL in the address bar. Do not click on the typed in address already in the address bar.
8. Always ensure that the opened page contains https:// and not http://
1. The banks usually do not ask to update the details through email alerts.
2. If you accidentally provided the information to a fake website, change the password immediately. If the same password is used forother sites, change all the passwords immediately.
3. Report the matter to the bank about Phishing by clicking the Report Phishing link provided in genuine bank website.
4. Verify the account number and other details in the account page.
5. If any unwanted entry is found in the account page, immediately report the same to the bank.