Check the Article Index for more information pertaining to email.
All articles may be reproduced provided credit at bottom remains intact.

Phishing For Your Identity and Attempts to Steal It

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website asks you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the requested information. Unfortunately, you find out much later that the website is bogus. It was created for the sole purpose of stealing your personal information. You, my friend, have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to be an established, legitimate business. The only intent of the phisher is to obtain key private information from the recipient and then use that information to get rich. The phisher just needs a username and a password to steal from some people. Or he may attempt to acquire enough of your personal information so he can use your identity to steal from someone else.

It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. It may look like it is coming from a .com you do recognize, but looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make his email look as legitimate as possible. He will even copy logos and images from the official site to use in his emails. And he likes to include a clickable link that the recipient can follow to conveniently update their information.

A quick way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. This is the easiest way to check if you are being directed to a legitimate site. But even this method is not foolproof, because a small, almost imperceptible difference in the address is all it takes to send you to a bogus website.

So, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website. Almost all companies dealing with financial matters have extra layers of security and have https at the beginning of their address, rather than the customary http (without the 's').

Matthew Barbour is a free lance writer. Over the past 30 years, he has written news and advertising copy for radio and television and his work has appeared in a variety of publications. He also produces creative text for web sites at Dundas Web Internet Services.

You may also be interested in reading our article on Top 10 Email Mistakes.