Security Tips: They're Phishing...Don't Give Them Your Information

Phishing Types of Phishing:   Spear Phishing   Vishing   Pharming Phishing Attempt Examples E-mail from Whitney Bank Protecting Yourself Security Hints Identity Theft Advanced e-Fraud Protection

The Latest on “Phishing” and Other Online Scams

You may have heard about a form of identity theft known as "phishing." In a phishing scam (see examples of past phishing attempts aimed at Whitney Bank customers), identity thieves send cleverly disguised e-mails, supposedly from legitimate and reputable companies, to mass e-mail address lists of potentially millions of people. The bogus e-mails usually tell recipients that their accounts are in danger of being frozen or suspended.

Recipients are then asked to "confirm" valuable and sensitive personal information—such as Social Security and credit card numbers, passwords and account user names—by clicking on a link that really takes them to a fake website set up by the thieves to capture this information. Once they have the personal information, thieves can use it to set up new accounts and make unauthorized purchases in their victims' names.

Authentic-Looking "Fakes"

Phishing has become such a huge problem because identity thieves have become very skilled at creating authentic-looking fake e-mails, complete with the logos of well-recognized banks, credit card issuers and online retailers.

Phishing scams cost the average victim $395 per incident, according to the 2005 Consumer Reports State of the Net survey, and total losses last year due to phishing reached $929 billion, reports The Gartner Group.

The good news with regard to phishing is that it has gotten a lot of attention and publicity over the past year, so more consumers are aware of it and know how to spot the phony e-mails. Also, companies whose brand names, trademarks and logos are being spoofed are now able to get the bogus websites taken down much more quickly.

New Technologies Are Helping

In addition, new technologies are being devised to help protect potential victims from being caught in a phishing scam. Spam filtering devices and e-mail authentication technologies are becoming more sophisticated and effective.

And scientists and researchers recently developed an anti-phishing device—called the Phoolproof Phishing Prevention system—to help prevent potential victims from completing online transactions at fraudulent websites. This system uses cell phones as part of the authentication process in establishing a secure connection with a particular website.

However, the bad news is that thieves are continuing to devise new ways to steal victims' identities—and their money. Three of the newest scams you should be aware of are "spear" phishing, vishing and pharming.