Teach a man how to phish, and you feed him your identity
Phishing is a new form of
identity theft that frequently occurs on the web. The term refers to baiting techniques
implemented by a criminal to fish personal information out of an unsuspecting
user. The purpose is to use this
information to commit identity theft and other types of fraud.
How Phishing Works
Phishing typically
originates via email or a fraudulent website.
More often than not, the design will resemble well known, trusted
companies, financial institutions or government services. This makes it much easier for a criminal to
persuade a user out of sensitive information, such as bank account information
or usernames and passwords.
In most cases, a phishing
scam originating from an email will contain false statements intended to alarm
the recipient. The sender may give the
impression that the recipient is at the immediate risk of having their bank,
credit card or financial accounts compromised.
Other phishing attempts may falsely state that the recipient's credit
card was declined or is being used by another individual.
One live example of
phishing revolved around a mass email campaign that occurred in the summer of
2004. The messages advised consumers of
a prominent Canadian institution to provide their personal information because
of technical difficulties. Of course,
these emails were not distributed nor authorized by that particular financial
institution.
A phishing email can also
promise a gift or other incentives to recipients. While the message may appear rewarding, the
purpose remains the same: to persuade the unknowing into disclosing personal
and financial data to aid in the act of identity theft.
Criminals who distribute
phishing emails rely on the hope that some of their recipients may actually
have a relationship with the legitimate business they are portraying. However, a recipient is much more likely to
respond if the email appears to come from a trusted source, whether there is a
relationship or not.
Unfortunately,
individuals who respond to these emails are putting their assets and financial
information at risk. An identity thief
can use this data to access active accounts to withdraw funds or buy expensive
items and services. They can also use
the information to open up new accounts in the victim's name and remain under
the radar by supplying a different address.
The worst part of all, recipients may not realize for some time that
they have just become a victim of identity theft.
How to Combat Phishing
Schemes
Being that this crime has
evolved so rapidly, Canada's Department of Public Safety has teamed up with the
United States Department of Justice to warn internet users about phishing. Here are three steps they recommend when
being approached with this scam:
1. Recognize it:
The popularity of phishing has made this scheme easier to detect. A user should never respond to or click on
any links in an email from a sender requesting sensitive information.
2. Report it: If you have taken the bait
of a phishing scam, it is very important to contact your credit card company or
financial institution right away. You
should also report this crime to your local police department. This will provide you with documentation that
may need to be displayed to an institution to help prove your case.
3. Prevent it: Phishing
can be prevented by learning the routine practice of your credit card company
or financial institution. In most
instances, they will never ask you to confirm such sensitive information via
email. By understanding how these
companies operate, you can stop schemers in their tracks and save yourself from
identity theft.
