Computer Information

Useful Computer Information: Phishing Scams

This is a short description of what a phishing scam is, how it works, and most importantly, how not to get caught out by it.


What is a Phishing Scam and how does it work?
It is a low-tech way for scammers to gain access to bank accounts and other online accounts, e.g. ebay, amazon or paypal. The scammers create an email that looks like it comes from the reputable company. It will usually claim that you need to "verify your user information" or similar by entering your user details in order to carry on as a user of the company. It will also usually try to pressure you by claiming that you will be locked out of the site if you don't reply quickly.

When you get an email from any company, keep calm! There is an instinct to rush in and sort it out. Don't! Read the email slowly and compare it to the list below.

Note: All the emails are slightly different and, while this is an example of a typical email, please be careful when you receive any email from a company and think about whether some of the points below may apply, especially point no. 1.


How to identify a Phishing email and not get caught out by it.
The best way to explain is to show an example. Here is one I received from "ebay" (the list below refers to the numbers on this image).

  1. Most important: the email will always contain a link to what appears to be a login page or similar page for you to fill in your account details. It will look like an official company page, but it IS NOT; it has just been designed to look like one.

    Never ever click on a link in an email from a company. Always go to the site of the company, log in as usual and see if there is any indication that there is a problem/anything unusual with your account. A genuine email should tell you to do this, rather than giving you a link.

    Also notice, at the bottom of the email, that the link does not actually go to ebay's pages (although this is not always the case and is therefore not a reliable indicator).

  2. Everything else on the email is to try and convince you to click on that link and enter your user name and password. What the scammers can do when they have your username and password, I will leave to your imagination.

    There are various things that show that the email is a scam:

  3. They will try and sound knowledgeable by discussing the "user agreement" or similar, knowing that you don't actually know what it says.
  4. They will try and scare you by claiming that if you do not "update your account" or "verify your account details" within a short period of time, you will be banned from the site. This is to try and pressure you into clicking the link without thinking too much about what you are doing. Don't worry about it, take your time and think.
  5. They will usually claim to be from the security department of the company to try and sound official.
  6. The subject line will try and scare you initially.
  7. They will usually address you as "dear customer/user". On ebay/paypal, where you have a login ID, official emails from the company will address you by this.
    Update: Some of them are getting more sophisticated and addressing you by your ebay user ID. I don't, as yet, understand how they are able to do this, but it has been seen, so be careful with this.

    I'm less sure for banks, but they rarely send emails to customers anyway. I would guess they would address you by name.
  8. Look out for spelling and grammar errors. These messages are usually sent from countries where English is not the first language. "Information" is a difficult word for them; a lot of messages ask for "informations".
  9. Look out for the currency. Most messages are targeted at the US, so details are in dollars. If you are in another country, this is obviously nonsense.
  10. Also, it may sound silly but, if you do not have an account with the bank in question, or with ebay/paypal, then the email is obviously a scam.

Here is another example, from "ABC bank" (I think it's an American bank). It may not have all the same elements as the ebay one, but it follows the golden rule: there is a link for you to type your security details into, and the rest is pressure to make you do so.
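The "golden rule" above (a link to a credential page, wrapped in pressure to click it) plus the points on the list can be turned into a simple checker. What follows is an added example, not code from the original page: a small Python script that parses a constructed phishing email, extracts every link, and flags the indicators the page describes. Every address, hostname and message below is made up for the demonstration (the `.example` and `.invalid` domains are reserved for exactly this), and the "last two labels" domain rule is a deliberate simplification of what a real mail filter would do with a public-suffix list.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse


class LinkExtractor(HTMLParser):
    """Collects every <a href> with its visible text, plus all visible text."""

    def __init__(self):
        super().__init__()
        self.links = []   # list of (href, visible anchor text)
        self.text = []    # all visible text, used for the phrase checks
        self._href = None
        self._anchor = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._anchor = []

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._anchor.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._anchor).strip()))
            self._href = None


def host_of(url_like):
    """Hostname of a URL or bare domain string, or None if there is none."""
    u = url_like.strip()
    if "://" not in u:
        u = "//" + u          # let urlparse treat a bare domain as a netloc
    try:
        host = urlparse(u).hostname
    except ValueError:
        return None
    return host if host and "." in host else None


def registrable_domain(host):
    # Simplification: last two labels. A real filter would use the public-suffix list.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


# Phrases from points 4 and 6 (deadlines, threats) and point 7 (generic greeting).
URGENCY = re.compile(r"within \d+ (hours|days)|suspended|locked out|immediately|verify your (account|user)", re.I)
GENERIC_GREETING = re.compile(r"\bdear (customer|user|member|valued)", re.I)
CREDENTIAL_WORDS = ("login", "signin", "verify", "update", "account")


def analyse(raw_message):
    """Return sender domain, extracted links and a list of (code, detail) findings."""
    msg = message_from_string(raw_message)
    sender_host = parseaddr(msg.get("From", ""))[1].split("@")[-1] or "unknown.invalid"
    sender_domain = registrable_domain(sender_host)
    body = ""
    for part in msg.walk():  # first text part, multipart or not
        if part.get_content_type() in ("text/html", "text/plain"):
            raw = part.get_payload(decode=True) or b""
            body = raw.decode(part.get_content_charset() or "utf-8", "replace")
            break
    parser = LinkExtractor()
    parser.feed(body)
    visible = " ".join(parser.text)
    findings = []
    for href, shown in parser.links:
        link_host, shown_host = host_of(href), host_of(shown)
        if link_host and registrable_domain(link_host) != sender_domain:
            findings.append(("link_domain_mismatch", f"{href} is not under {sender_domain}"))
        if link_host and shown_host and registrable_domain(shown_host) != registrable_domain(link_host):
            findings.append(("display_url_mismatch", f"shows {shown_host} but goes to {link_host}"))
        if any(w in href.lower() for w in CREDENTIAL_WORDS):
            findings.append(("credential_link", f"{href} looks like a login/verification page (point 1)"))
    if GENERIC_GREETING.search(visible):
        findings.append(("generic_greeting", "addressed to a generic 'dear customer/user' (point 7)"))
    if URGENCY.search(msg.get("Subject", "") + " " + visible):
        findings.append(("urgency", "deadline or threat of suspension (points 4 and 6)"))
    return {"sender_domain": sender_domain, "links": parser.links, "findings": findings}


# Constructed sample in the style of the "ebay" email on this page; all names are fictitious.
PHISHING_SAMPLE = """\
From: "eBay Security Department" <security@ebay.example>
To: someone@example.net
Subject: Your account will be suspended
Content-Type: text/html; charset=utf-8

<html><body>
<p>Dear valued customer,</p>
<p>Per our User Agreement you must verify your account within 24 hours or it will be suspended.</p>
<p><a href="http://ebay-secure-login.invalid/cgi-bin/verify">https://signin.ebay.example/ws/eBayISAPI.dll</a></p>
</body></html>
"""

# Constructed benign message: named greeting, no link, tells the user to sign in as usual.
BENIGN_SAMPLE = """\
From: "eBay" <noreply@ebay.example>
To: someone@example.net
Subject: Your order has shipped
Content-Type: text/html; charset=utf-8

<html><body><p>Hello Jane Doe,</p><p>Your order has shipped. To track it, open ebay.example in your browser and sign in as usual.</p></body></html>
"""

if __name__ == "__main__":
    for code, detail in analyse(PHISHING_SAMPLE)["findings"]:
        print(f"{code}: {detail}")
```

The display-versus-target check is the one the page calls unreliable on its own, and the script treats it that way: it is one finding among several, and a message with a correct-looking link text can still score on the greeting, the deadline and the credential-page path. Run against the benign sample it reports nothing, which is the behaviour a genuine email that simply says "log in as usual" should produce.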


What can I do about them?
The simple answer is, not much. If you are still not sure whether it is a phishing email, some companies have an address to send them to. These include spoof@paypal.com and spoof@ebay.com. They will reply and tell you whether it is a scam. There is also the Anti-Phishing Working Group that you can send emails to. Otherwise, all you can do is delete it and hope you don't get too many more. :-(


Companies are trying to fight back, but this is happening slowly, see The Register: Analysis (30/11/03)

Other phishing emails can be seen at The anti phishing group archives

So you think you are an expert now and will be safe from phishing emails. Are you sure? Try the Washington Post phishing quiz: can you identify which emails are genuine and which are phishing emails? Or try the one at Mailfrontier.com.

For more information, have a look at these links.