Gorefield Village Website > Information

Information - Computing

Some useful information for computer users

Churches : Computing : Entertainment : Gardening : Gorefield Show : Groups
Helplines : Locality : Local Maps : Notices : Sports & Recreation
Web Site Contributors : Submit Information

Viruses : Firewalls : Spam : Phishing : Software : Buying a PC : Broadband

Phishing (see Disclaimer Notice)

What is Phishing?
Phishing (pronounced 'fishing') uses 'spoofed' e-mails and fraudulent web sites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands, such as well known banks, eBay, PayPal, AOL, MSN, Yahoo, EarthLink and Best Buy, phishers are able to convince recipients to respond to them resulting in financial losses, identity theft and other fraudulent activity against them.

Phishing (sometimes called carding or brand spoofing) is yet another form of attack on computer users. Instead of sending malicious code (like a virus) you are tempted to download a Trojan Horse yourself. Once this Trojan Horse is running on your computer it can capture information, like keystrokes, and transfer it to fraudsters. They then have access to online accounts and e-commerce sites you have used and they will also have the passwords to access them.

Phishing e-mail How is the Trojan Horse downloaded?
It usually starts with an e-mail that asks for personal or financial information or telling you you have purchased something or you need to check something (like a posting on a bulletin board). So you go to the site to update your account or because you know this is a mistake and you need to correct it. You unknowingly download a Trojan Horse virus and it is installed on your PC so that every time you go online it captures all the information needed to take money from accounts.

How can I defend against Phishing
If you get an email or pop-up message asking for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organisation in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.

If the e-mail refers you to a web site, look carefully at the address. It's easy to disguise a link to a site. Beware of the @ symbol in the address. Most browsers will ignore all characters preceding the @ symbol, so this address -- http://www.respectedcompany.com@thisisascam.com -- may look to the unsuspecting user like a page of Respected Company's site but it actually takes visitors to thisisascam.com. The longer the web site address, the easier it is to conceal the true destination address. Other ways to disguise addresses include substituting similar-looking characters, so that paypal.com could be (and has been) spoofed as paypaI.com (the L is a capital i) or paypa1.com. Similarly, a zero can be substituted for the letter O within an address.

You know who you deal with and what you have purchased so don't be fooled by someone telling you to check an account you don't have or an invoice for something you didn't purchase. If it is from a company you deal with them go to their genuine home page and find out. If the message has a link for you to follow then it is quite likely to be a spoof. No-one will ask you to confirm your account details and provide a link - they will ask you to log in as usual on their web site.