Phishing: Examples and Prevention Methods
Saturday, June 27, 2009
What is Phishing?
Phishing or brand spoofing is the illegal act of sending an e-mail to a user falsely claiming to be an established enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Most people associate phishing with e-mail messages that mimic banks, credit card companies or other businesses like Amazon and eBay, but some scammers also seek out victims through SMS, chat rooms, message boards and fake job search sites. Phishing is one example of the social engineering techniques used to fool users.
Below are examples of phishing:
via E-mail
via Online Banking
via eBay Subscription
and also via Government Link
Phone Phishing
In addition, vishing (voice phishing), which is often facilitated by Voice over IP (VoIP), uses fake caller-ID data to give the appearance that calls come from a trusted organization. According to Phrenzie.com, phone phishing has been on the rise due to difficulties in tracing and monitoring by legal authorities.
How to prevent Phishing Scams?
1) Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
2) Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender or user's handle. Instead, call the company on the telephone, or log onto the website directly by typing the Web address into your browser.
3) Ensure that your browser is up to date and that security patches are applied.
4) Consider installing a Web browser tool bar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher Web sites and will alert you.
(EarthLink ScamBlocker is part of a browser toolbar that is free to all Internet users - download at http://www.earthlink.net/earthlinktoolbar)
5) Use a strong or different password for each of your accounts and change them frequently.
6) Always report "phishing" or "spoofed" e-mails to the following group:
Forward the email to reportphishing@antiphishing.org. This can help to reduce phishing troubles.
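The list matching that step 4 describes, as an added example (not code from this post or from any toolbar): it extracts the host a link really leads to and checks that host, and its parent domains, against a list of known phishing hosts. The blocklist entries, the .example host names and the function names destinationHost and checkUrl are constructed for illustration.

```javascript
// Constructed blocklist for illustration; a real toolbar downloads and
// regularly updates its list of known phishing sites.
const KNOWN_PHISHING_HOSTS = new Set([
  "phish.example",
  "secure-login.bank-alerts.example",
]);

// Return the host the browser would actually connect to, or null if the
// text is not a parseable http(s) URL.
function destinationHost(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl.trim());
  } catch (e) {
    return null;
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  // URL.hostname is lower-cased and excludes any "user@" part and port,
  // so "http://www.mybank.example@phish.example/" yields "phish.example".
  // Drop a trailing dot so "phish.example." matches "phish.example".
  return url.hostname.replace(/\.$/, "");
}

// Check the host and each parent domain against the list, so that
// "login.phish.example" is caught by the entry "phish.example".
function checkUrl(rawUrl, blocklist = KNOWN_PHISHING_HOSTS) {
  const host = destinationHost(rawUrl);
  if (host === null) return { verdict: "invalid", host: null, matched: null };
  const labels = host.split(".");
  // Stop before the last label so a bare top-level domain is never matched.
  for (let i = 0; i < labels.length - 1; i++) {
    const candidate = labels.slice(i).join(".");
    if (blocklist.has(candidate)) {
      return { verdict: "blocked", host, matched: candidate };
    }
  }
  // Only known sites are on the list; "not-listed" is not proof of safety.
  return { verdict: "not-listed", host, matched: null };
}
```

A "not-listed" result only means the site is not yet on the list, which is why the other steps still apply.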
"Phishing Facts"
-> 13,776 phishing attacks linked to 5,259 Web sites took place in August of 2005.
-> They targeted 84 different businesses, but three businesses received 80 percent of the attacks.
-> 85 percent of the attacks targeted banks and other financial institutions.
-> Phishers succeed in getting personal information from up to five percent of their intended victims.
-> 57 million U.S. Internet users have received at least one phishing e-mail, and as many as 1.7 million have given personal information to the attacker.
(Source: HowStuffWorks, 2006)