Pages

Monday, 31 July 2006

Beware of phishing: Tips to keep away internet scams


July 31, 2006
By Syed Akbar
Hyderabad: "Dear customer, there was a major crash in our computer system. We have lost some of the vital data. Could you click on the link below to send us the details of your credit card like its number, expiry date, credit limit and
password so that we could update our data after restoration".
"Congratulations! You have won $ 100,000 in a draw of lots of email addresses
collected at random from the web. To claim the money, do fill up the following personal details and send us at the email link given below". "Dear account-holder, we suspect that an unauthorised transaction has been carried out on your savings bank account. To make sure that your bank account is not manipulated, please click the link below and confirm your personal identity."
If you receive these types of messages to your email address or in a pop-up window
while you are surfing the internet, just ignore them. Do not reply to such messages or give personal details, because you are being phished by clever cyber cheats.
Instances of phishing or "password harvesting" have been on the rise in Hyderabad
with the city, thanks to its numerous software firms, attracting the attention of computer hackers and cyber cheats from around the world.
A couple of days ago, M Ramesh, an executive in an advertising firm, received a
Yahoo message from his "banker" saying that they need the "existing" password of his credit card as the bank's main server has been hacked.
"I was about to fill up the details when my colleague suggested that I cross-check
with the banker on telephone or in person. When I rang up the call centre of the bank, I realised that the message was fake. I believed the message because it resembled other messages that I receive from my banker regularly," Ramesh
points out.
What actually the cyber cheats or "phishers" do with the data they receive from
unsuspecting net-users? There have been thousands of instances of creation of fake credit cards and siphoning of money through ATMs using the password provided by the unsuspecting cardholder. Moreover, personal details will quite often help phishers to do on-line business transactions to purchase valuables.
Phishers generally target customers of banks and financial institutions that have a
large turnout. In the last couple of months, customers of nearly all major banks in Hyderabad have been targeted by phishers. Besides banking customers, those who use amazon.com, AOL, BestBuy, eBay, MSN, PayPal and Yahoo have also been the target. According to anti-phishers, as many as 10,000 phishing mails are sent to users in Hyderabad.
The Crimes Investigation Department of the State police lists "phising" as one of
the cyber crimes attacking penal action. "The number of phishing attacks, and the associated costs, has increased 10 fold as compared to last year and is on a continuous rise," says MH Nobel of Zoom Technologies.


=====
How to identify phishing messages
=====

1. There will be no personal greetings in the message. Your name will be missing
because the sender does not
know who you are.
2. Notice whether there is an IP address in the link. If you click on this, it will
take you to the fake bank/institution
instead of the genuine one.
3. It is better if you do not use the net to provide personal details, particularly
passwords or your mother's maiden
name, as not all phishing attacks require a fake website. This can be done even
through a genuine website. If the
website is not fake, cyber cheats give a telephone No. (supposedly of a bank) and
when the unsuspecting person
dials the telephone number, he or she is asked to dial the card number and then the
password. Both the card
number and the password are recorded through voice over IP.
4. In case of suspicion, call the banker or make a personal visit to verify the
authenticity of the email message.
5. Install anti-phishing software in your computer to detect phishing attempts.
6. Lodge a police complaint, if necessary.
7. Check whether the URL starts with https:// or http://. If you're using IE, look
for the lock symbol in the right of
the status bar and double-click it to check the validity of the digital certificate.
8. Check your bank accounts regularly to ensure that listed transactions are really
carried out by you.

1 comment:

  1. Wonderful web site. Plenty of useful information
    here. I am sending it to a few friends ans additionally sharing in delicious.

    And certainly, thanks for your sweat!
    Feel free to surf my web page ... QWERTY Keyboard Phones

    ReplyDelete