the Blog

Let’s go Phishing!

Posted on May 15, 2014 by Michael Rosario  |  Comments

Actually, let’s not. It’s not a ghetto word for fishing - not even related to fish. It’s an online form of identity theft.  According to Wikipedia, phishing is an act of attempting to acquire sensitive information such as usernames, passwords, social security numbers, and credit card details by masquerading as a trustworthy entity in an electronic communication.

So how does one identify a Phishing scam or hoax site? First of all, be careful of what type of information is publicly available about you.  Credit cards for example, use the following popular questions to retrieve your forgotten passwords - “What’s your mother’s maiden name?” or “What’s the name of your first pet?” These are common questions and may easily be discoverable on your facebook or social media profile.

When providing sensitive information, make sure the URL is the correct address on your browser. Remember www.citibank.com is correct while citibank.bankaccount.com is a totally different site.  They may look the same, but one is potentially a Phishing site.

Second, when providing information such as Credit Cards or Social Security number, don’t just check the address bar, but make sure that the site uses a Secure Sockets Layer (SSL) - basically the address starts with https:// and has a symbol of a padlock.  For more information go to http://en.wikipedia.org/wiki/Ssl

Just to recap, here are the points:
1. Be aware of what information about you is available to the public.
2. Check the address bar for the correct URL
3. Make sure it’s a secure site - using https:// not http://

So what do you do if it’s a phishing, scam site?  The next best thing to do is to report it.  There are many ways to report a bad site.

Phishing Scam Warning

You can report to the government:
http://www.us-cert.gov/report-phishing

Report it to Google:
http://www.google.com/safebrowsing/report_phish/

You can also look up the owner of the site at http://www.whois.com/ then you can contact them directly or you can report them to their hosting provider, on the whois report, there is an abuse email address that you can send your complaints to.

Hopefully that helps and be careful out there.  If you are a victim of phishing, it’s best to change your password(s) and update your profile so that they cannot access your account.

comments powered by Disqus

Other Recent Blog

Getting Your Next iPhone for FREE
Posted on May 15, 2011  |  Comments I'm just sharing my experience in selling my previous iphone to get the most recent iphone. I love my iphone and i'm sure you love yours too.
Show Some Web Typography Love Using Typekit
Posted on May 12, 2011  |  Comments Typekit is a simple add-on to your site that allows the use of custom fonts. They have hundreds in their library. It's simple, light-weight, and compatible to most browsers.