- Featured Columnists
- My Business
- Business Insurance
- Communications and Work Anywhere
- Customer Service
- Direct Selling
- Human Resources
- International Trade
- Legal Assistance
- Marketing, Advertising, and PR
- My Office
- Security and Fraud Protection
- Government Resources
- Selling Online
- Starting & Planning
- Travel Resources
- My Cash
- Women In Business
- Industry Solutions
- Social Media
- Calculators and Tools
- My Employee
|Share / Print / Sitemap|
Put simply, phishing refers to the act of trying to get personal information under false pretenses. Phishers who initiate these attacks may try to get user names, passwords, bank account information, credit card details, and more from their victims ultimately resulting in identity theft.
Phishing attacks usually occur through an e-mail that looks like it’s from a legitimate source. The e-mail (or website or phone call) will appear to be coming from a place the victim recognizes, like their bank, credit card company, or even a social network site. Thinking the source is legitimate, the victim will then answer questions or enter information that gives the phishers their personal details.
The crude, poorly formatted phishing emails of a few years ago have largely been replaced with professionally designed phishing attacks that are hard to distinguish from legitimate messages without careful examination.
In a new variation known as “spear-phishing,” hackers will research a target — usually a business executive or someone with a high net worth — to learn personal details or the names of connections to help legitimize their attack messages. Several financial executives, for instance, have been fooled by spear-phishing attacks that purported to be urgent requests from those executives’ bosses.
Understanding that these types of attacks occur allows you to be on the lookout for them. Here are a few specific tips for recognizing a phishing attempt:
If you think you’ve received an e-mail that’s an attempt to get your information, you could just delete it.
However, if you’re concerned that it could be legitimate, your best option is to contact the company directly through other means. For example, if you receive an e-mail that looks like it’s from your bank, but you’re not sure, call the number on your statement. That way you’ll be sure the person on the other end is who they say they are. It is better to be safe than sorry when it comes to your security.