Suspect a Virus?

Call us for prompt service
in your home.
See Our Services Page

Tips and Techniques

Beware of Phishing Email!

For Homes:
	Education
	Setup
	Maintenance
	Upgrades
	Problem Solving
For Business:
	Online Backup
	Education
	Installation
	Maintenance
	Web Sites
	Special Projects
Monthly Tips and Techniques: Current Tip Page

 Top of Page

This previously published tip discusses what is meant by and how to avoid "Phishing", which is one of the most prevalent and dangerous types of scams that is found on the Internet.

What is "Phishing"

Phishing is an attempt by a malicious person or organization to make you reveal personal or financial information, usually by sending you an email message that asks you to go to a website for the purpose of updating or verifying account information or something similar. The email may look quite legitimate by including logos or links to official looking websites, and may threaten consequences if you do not take the action directed. Many of these attempts take advantage of the recent growth in social networking sites, such as Facebook, Twitter, and MySpace. Below is an actual example of a phishing email recently received by Bill Weems, the owner of Orchid Technical Services. WARNING: Do not click anything in this example.

In this case, Bill immediately knew the email was fake since he does not even have a Facebook account. But if this same phishing attempt went out to thousands of email recipients, it is very likely that some of them would have Facebook accounts, and if they had taken the bait and entered their Facebook User ID's and passwords in response to this message, the message senders would have them and could easily find out a great deal of personal information, make changes to the account, or send fraudulent messages to the user's friends. Identity theft is another possible disastrous consequence of responding to a phishing attempt.

Here are some tips on how to recognize a phishing attempt:

• Unprofessional appearance for the email, including spelling or grammatical errors.
• A hyperlink that, despite appearances, goes to a illegitimate website. If you hover
   your mouse pointer over a hyperlink, your email system will usually tell the actual
   web address that clicking will take you to. In the example, the update button would
   have gone to the site "http://www.facebook.com.pwtjiilil.com.pl/". Without a long-
   winded explanation of URL's, only www.facebook.com should have appeared in a
   legitimate Facebook web adddress, before the final /.  
• Requests to enter personal information such as user ID's, passwords, social security
   numbers, etc. Legitimate companies would never ask for such information by email.
• Degrading language, or threats of consequences such as closing or preventing access
   to an account if the requested action is not taken.

If you receive an email that you recognize as a fraudulent phishing attempt, you should do nothing but immediately delete the message. If you are not sure, and it looks like the message applies to you, you should check with the company's customer service office.

Fortunately, most email services and email client software products now are able to recognize phishing emails and make sure they do not get through, or at least warn you that they may be fraudulent. However, it remains the responsibility of the user to be ever vigilant and careful.

  Top of Page

Home Page • Education • Technical Services • Business Services
About the Company • How to Contact Us • Tips and Techniques