Google
 

Sunday, September 2, 2007

How to Detect a Phishing Attempt

Phishing growth

Phishing e-mails that try to make you hand over confidential details are becoming more common.
In July 2006, the Anti-Phishing Working Group got reports about 23,670 unique phishing scams.

The trick seems to be catching a lot of people out too. In 2005 UK losses from phishing scams stood at £23.2m.

In this gallery we give you some handy hints on how to spot the signatures of the phish.

Name and address

The first thing to look for is if the phish is addressed to you at the e-mail account your bank knows.
Many phishers are former spammers and often send messages to mailing lists rather than individuals.

Look to see how you are addressed in the body of the message. Phishers almost always use generic greetings, such as in this phish from 2005, rather than your actual name.

Banks also make clear they will never ask for your personal information in e-mails.

Detailed look

There will be many more clues in the body of the message.
If the phish includes details, such as an account or credit card number, check they are correct.

As phishers want to steal this information they are unlikely to have it before they send the mail.

Many phishing gangs take a chance and include random details to make the message look more official and hope people respond rather than read the text

Text check

Though phishing gangs are getting more sophisticated and literate, many bogus e-mail messages give themselves away by their poor command of the English language.
This is because many phishing gangs hail from nations where English is rarely spoken.

Grammatical errors and spelling mistakes are classic signs that a message is a phish.

If you stumble over the text, it's probably a phish.


Link lessons

There are more subtle signs that a message is a phish rather than legitimate.
For instance, look to see if the web link in the body of the message matches those in the status bar of the e-mail.

If these differ you have probably caught a phish.

If you are suspicious do not click on the links in the e-mail body. Instead type the address out manually.

Text tricks

Many phishing gangs exploit the readiness of the human eye to see what it wants to see rather than what is actually there.
For instance, in this old Paypal phish the scammers have registered a site that, to a quick glance, looks very like the name of the payment company.

Most phish fall down on one or more of these criteria. If you are suspicious contact your bank directly.
BBC News

0 comments: