An issue I keep reading about online is how many users get their identities, credit card numbers or account logins stolen by phishing websites. I have recently been reading about how some users still have security issues or still fall for emails, websites and even phone calls from fraudulent people pretending to be from their bank, company, etc. I will explain some useful and common tips for catching these fraudulent websites; some are my own personal viewpoint on how to figure out if a website or person is truly who they say they are.
For those who don’t know what phishing means: phishing is when someone, or a website operated by someone (most likely a hacker), fraudulently poses as a trusted party (your bank, for example) to steal sensitive information such as your usernames and/or passwords as well as credit card details, pretending to be someone they’re not. This usually happens online; more rarely it happens through phone calls or in person. It eventually leads to fraud.
So what can you do to protect yourself? There are many ways to protect yourself. If you hear a lot of tips online saying not to do this or that, it is advisable to listen, because if you do get phished, your information can be sold on the Internet, and then you start facing problems that take weeks, even years, of work to clean up the mess created by phishers (because of fraud).
Look At The Source
Many of us are very protective of our data, suspicious of a bank asking for information (as all of us should be) and watchful of what happens on our computers. The most common way to spot a phishing site is to look at its source code. Many times phishers steal images from the real, legitimate website, so the URL you’re on is:
http://www.phshingwebsite.com
and the images might come from:
http://www.realwebsite.com
Usually you can tell straight off that the website is a phishing website, because if the images, or even the login form, come from the real website, why would that website need a completely different URL to host its own images? So that would be a phishing website.
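The source check described above can be automated. The following is an added example, not code from the original post: it parses a page and lists images, scripts, stylesheets and form targets that point at a different site than the page itself. The helper names and the sample HTML are constructed for illustration; only the two hostnames come from the article.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tags and the attribute on each that loads from, or submits to, another URL.
RESOURCE_ATTRS = {"img": "src", "script": "src", "link": "href", "form": "action"}


def site_of(host):
    """Crude site key: last two DNS labels (assumption; wrong for suffixes like co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


class ResourceCollector(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.found = []  # (tag, absolute URL) pairs

    def handle_starttag(self, tag, attrs):
        wanted = RESOURCE_ATTRS.get(tag)
        value = dict(attrs).get(wanted) if wanted else None
        if value:
            # Resolve relative paths against the page's own URL.
            self.found.append((tag, urljoin(self.page_url, value)))


def foreign_resources(page_url, html):
    """Return (tag, url) pairs whose host belongs to a different site than the page."""
    page_site = site_of(urlparse(page_url).hostname or "")
    collector = ResourceCollector(page_url)
    collector.feed(html)
    return [(tag, url) for tag, url in collector.found
            if site_of(urlparse(url).hostname or "") != page_site]


# Constructed sample page using the two hostnames from the article.
SAMPLE_URL = "http://www.phshingwebsite.com/login"
SAMPLE_HTML = """
<html><body>
  <img src="http://www.realwebsite.com/images/logo.gif">
  <img src="/images/spacer.gif">
  <form action="login.php" method="post">
    <input name="user"><input name="pass" type="password">
  </form>
</body></html>
"""

if __name__ == "__main__":
    for tag, url in foreign_resources(SAMPLE_URL, SAMPLE_HTML):
        print(f"<{tag}> points at another site: {url}")
```

Legitimate sites also load files from other hosts (content delivery networks, for example), so a mismatch is a reason to look closer at which site the logo and the login form belong to, not proof on its own.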
Domain URL
Sometimes we receive emails and click on links we just don’t know (some users are like that). Or sometimes your computer gets infected and you might be redirected to phishing websites. The best way to see if the website you’re on is a phishing website is to look closely at the domain URL. Now you ask yourself (or some do): why would I want to look at the domain every time I go on a website? It only matters for the accounts that are most important to you, such as your bank accounts, PayPal, emails, business administrator backends, and account login pages. Some phishers try to disguise their domain as that of a real, legit website like this:
Original URL: http://www.chase.com
Phished URL: http://www.chasee.com
Sometimes when making a phished page, phishers try to find the best possible domain to make it look like the real one, adding extra letters at the end or making it look like the URL for the login of the real website it is targeting. Look at the domain URL; some browsers, such as IE8 (Internet Explorer 8), have domain highlighting to make it easier to know what URL you’re actually on.
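The chase.com / chasee.com comparison above can be checked mechanically. The following is an added example, not code from the original post: it compares the domain of a URL against a short list of trusted domains using edit distance. The trusted list, the distance threshold and the function names are assumptions, and the third test URL uses the reserved example.net domain.

```python
from urllib.parse import urlparse

# Assumption: the sites whose logins you care about (both are named in the article).
TRUSTED_DOMAINS = ["chase.com", "paypal.com"]


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def registered_domain(url):
    """Last two labels of the hostname (simplification; ignores suffixes like co.uk)."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])


def classify(url, max_distance=2):
    """Return ('trusted' | 'lookalike' | 'unknown', matched trusted domain or None)."""
    domain = registered_domain(url)
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    for trusted in TRUSTED_DOMAINS:
        # A near miss of a trusted name is more suspicious than a random domain.
        if edit_distance(domain, trusted) <= max_distance:
            return ("lookalike", trusted)
    return ("unknown", None)


if __name__ == "__main__":
    for url in ["http://www.chase.com",
                "http://www.chasee.com",
                "http://www.chase.com.example.net/login"]:
        print(url, "->", classify(url))
```

The third URL is reported as unknown rather than trusted because the domain is read from the right-hand end of the hostname, which is the same part that browser domain highlighting emphasizes.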
Phishing Detections For Emails
It always begins with a simple email: an email that could link you to a phishing website and then start to cause major problems such as identity theft and so forth… all because of a click of a button. Some of the easiest ways to know if an email is a phishing email, whoever it claims to be from (your bank, PayPal, email provider or business), are:
- If the email asks you to enter any personal information such as your bank account number, an account password, credit card number, PIN, mother’s maiden name, or Social Security Number and email it back to them
- If the email fails to address you by your name and uses Dear Madam or Account holder
- If the email fails to confirm that the company does business with you, such as by referencing a partial account number
- If the email warns that your account will be shut down unless you reconfirm your financial information, it is completely fake. Scare tactics are often used to get the recipient to act on the request, either by sending the information by email or by clicking on a link to log in (to a phishing website)
- If the email warns that you have been the victim of fraud (pay careful attention to these)
- Most phishing emails have spelling or grammatical errors
- And the most common way is if the sender asks you to send payment information via email
These are the most common ways to figure out if an email is fake. Phishers use fraud warnings, cancellation warnings, and capital letters to get the recipient’s attention and make them more likely to respond.
Emails From Friends
Sometimes your friends cannot be trusted at all when it comes to online networking. Many users who use Outlook instead of a free service have a huge security risk: some worms spread by automatically emailing themselves to your first 50 to 100+ contacts (depending on the worm). Your friends could then end up with the worm and have their systems infected, and it could modify many things to turn any site you visit into a phished site (or install a keylogger on your computer, which is way worse).
To prevent this, make sure that you have an antivirus. AVG Free Edition has an email scanner for Outlook, and so does Norton Internet Security 2009 (which I trust more) due to its virus definitions. Make sure not to download any attachments that are .EXE (executable) and range from 1KB to 1000KB. If you are expecting a file that small, I would recommend scanning it at VirusTotal, since a small file is easy to upload and won’t take more than a minute. This will ensure that the file you have isn’t detected as a suspicious file or virus by any antivirus provider.
Remember that many phishing emails and websites can be very stupid in a way: while the creators might be sophisticated in technology, their creations and emails can often be easy to spot, even if you’re not very experienced. Grammar mistakes are very common, as are subject lines meant to lure you to the phished link. Remember to NEVER give out your personal information such as your address, phone number, bank account logins or passwords, and avoid the emails that start asking for your SSN (Social Security Number); those are the ones to spot and ignore very easily, regardless of who it’s from. Stay Safe!
April 22, 2009 at 3:56 pm
Not sure that this is true :), but thanks for a post.
May 4, 2009 at 5:34 am
Hi, good post. I have been wondering about this topic, so thanks for writing. I will definitely be subscribing to your site.
May 8, 2009 at 12:15 am
Thankfully nowadays, Gmail has detected these spam emails automatically for you and put them in your SPAM
Imagine if those emails get through to my inbox *shudder*
June 6, 2009 at 12:54 am
Hi, Congratulations to the site owner for this marvelous work you’ve done. It has lots of useful and interesting data.
June 11, 2009 at 10:05 am
Thanks for the useful info. It’s so interesting
June 15, 2009 at 9:03 pm
Hello, can you please post some more information on this topic? I would like to read more.
July 12, 2009 at 11:16 pm
Rather interesting. Has few times re-read for this purpose to remember. Thanks for interesting article. Waiting for trackback