Some of you may think there’s a typo in the headline, but the word "Phishing" is no mistake and should be cause for concern. Phishing pronounced "fishing", is a technique used by Internet fraudsters to trick bank and credit card customers to unwittingly disclose their security details so that they can gain access to the customer’s accounts. Those readers who follow the international news services and financial or business programmes would know this has been around for years in the UK and US.

Some readers may have even mistakenly thought “man, we’re too small for crooks to bother with”. Well that delusion was abruptly dispelled in January, when a regional bank warned all their customers of an e-mail that was being circulated purporting to be from the bank and directing customers to a website that looked very authentic.

So how does Phishing work? You would receive an e-mail purporting to be from a financial institution with whom you have a relationship. This e-mail would suggest that they have experienced a failure or security breach and require you to confirm your security credentials. The email would contain a link to a logon screen that looks very much like the institution’s website, however it is a fake. The details you enter into this site are recorded by the fraudsters for them to use at the real site and gain access to your account.

This is essentially an example of Identity Theft and there are increasingly sophisticated techniques that criminals are using to gain security and other personal information from unsuspecting Internet users.

So how does one protect against Internet fraud and phishing?

The first and last rule is to educate yourself as to the risks; ignorance is no defence as the Judge would say. Fraudsters are becoming more and more sophisticated and so you must keep abreast of the risks and techniques are being employed.

There are some simple rules you must remember:

• The bank will never ask you for your PIN, password, catch-phrase or anything like that.
• Never disclose your password or PIN to anyone.
• Always type in the address of your bank’s or credit card company’s website.
• Use a secure password: not your date of birth, vehicle registration, telephone number or anything associated with you that someone might easily guess.
• Use different passwords for different secure sites.
• Check your bank and credit card statements immediately.
• Properly destroy old utility bills, bank statements and any mail which is of a sensitive nature that may contain your name and address, or that could be used as identification to open an account or gain credit.
• Keep your important documents in a secure place and keep records of your credit card number, as well as the number to report them lost/stolen. Remember you wouldn’t have the card!
• Always know where your passport, drivers licence and social security card is, and report them lost/stolen once you’re satisfied you cannot find them.

This is not an exhaustive list, but should serve to bring security and the risks of fraud home to those who never gave it a second thought. There are other measures which can be taken to improve computer security but that’s beyond the scope of this article. Essentially, be aware and educate yourself, get training; it costs money sure, but I’m reminded of a car sticker I was once given, it read “If you think Education is expensive, try ignorance.”

Phishing and other online fraud is costing financial institutions and individuals hundreds of millions of dollars, and I’m not talking million EC! Please don’t be one of the many who say “I had no idea” or “If only I did know…”

For more information on identity theft and how to protect yourself from it you can visit the following websites. http://www.getsafeonline.org/ http://banksafeonline.org.uk/ For more tech & security tips visit http://www.theitfacility.com

Leave a Reply