Defending Yourself Against Phishing

The following tips are given by the anti-phishing workgroup:
- Beware of e-mails that warn of great dangers. Phishers use fake statements in the e-mail that they send out. Usually, there is a warning about some threat or danger which will result in dire consequences if the user ignores it. If this is the case, the real organisation should be contacted to confirm the e-mail. This will have the added value of alerting the organisation to the fact that phishers are using their good name.
- Beware of e-mails that ask for confidential information. Phishers will ask to be e-mailed personal information that no genuine institution would request in an e-mail, e.g. PIN numbers or passwords to accounts.
- Beware of e-mails that are not personalised. Phishing e-mails are very rarely personalised; for example, they will never use your forename or surname in the e-mail. They cannot do this because they have to send the same e-mail to many different people.

If you do receive an e-mail which appears to be from your bank, don't click on any links. Instead, type in the URL which you normally use to access your bank's web site. This will ensure that you get to the correct web site and not to a fake one.

Most banks (and other financial organisations, such as PayPal) use secure web sites. You can recognise these by the use of https://, rather than simply http:// in the URL. Notice the extra letter "s". Secure web sites also display a padlock icon in the status bar at the bottom of the screen.
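
The tips above can be turned into a rough automatic check. The following is an added example, not part of the original page: the word lists, the function name `check_email` and the sample message are constructed for illustration, and the comparison of a link's visible text with its real destination goes one step beyond the tips as written.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed word lists (assumptions, not from the page); tune them for your own mail.
THREAT_WORDS = re.compile(r"\b(suspend(ed)?|urgent(ly)?|immediately|within \d+ hours|locked|closed)\b", re.I)
SECRET_WORDS = re.compile(r"\b(pin|password|passcode|security code)\b", re.I)

class LinkCollector(HTMLParser):  # gathers [href, visible text] per <a>, plus all text
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href = [], [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self.links.append([self._href, ""])
    def handle_endtag(self, tag):
        self._href = None if tag == "a" else self._href
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self.links[-1][1] += data

def check_email(html_body, forename, surname):
    """Return a list of warnings, one for each tip the message trips."""
    p = LinkCollector()
    p.feed(html_body)
    text, warnings = " ".join(p.text), []
    if THREAT_WORDS.search(text):
        warnings.append("warns of danger")
    if SECRET_WORDS.search(text):
        warnings.append("asks for confidential information")
    if not re.search(rf"\b({re.escape(forename)}|{re.escape(surname)})\b", text, re.I):
        warnings.append("not personalised")
    for href, shown in p.links:
        host = urlparse(href).hostname or ""
        if urlparse(href).scheme != "https":
            warnings.append(f"link is not https: {href}")
        # A host name shown as the link text should match where the link really goes.
        m = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", shown.strip(), re.I)
        if m and m.group(1).lower() != host.lower():
            warnings.append(f"link text shows {m.group(1)} but goes to {host}")
    return warnings

# Constructed sample message (example.* domains are reserved for documentation).
SAMPLE = """<p>Dear customer,</p>
<p>Your account will be suspended within 24 hours unless you confirm your PIN.</p>
<p><a href="http://bank.example.net/login">www.bank.example.com</a></p>"""
if __name__ == "__main__":
    print(*check_email(SAMPLE, "Alex", "Morgan"), sep="\n")
```

An https link only shows that the connection is encrypted, so an empty result is not proof that a message is genuine. Typing the bank's URL yourself still applies.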