Phishing is a special type of spam e-mail, cleverly disguised in an attempt to steal your passwords and bank codes. Once the phishers have got those, they steal your money.
In this guide
How does it work?
You receive a plausible looking email from your bank/regularly used retailer/governemnt department. These are sent at random in the hope they may just catch someone who has, for eg, a bank account with that bank and thinks it is genuine. Often you’ll realise it’s a con because you have no relationship with the company, but sometimes you may get caught.
At the bottom of the e-mail, there will be a link. Often it looks like a real one. When you click on it, it'll probably take you through to a professional looking website – a mirror image of the real thing. You’ll comfortably put your password in – and then you can say bye bye to your cash.
What can I do?
NEVER EVER EVER EVER click a link and enter your password - no matter how genuine it looks. If it looks a genuine security concern, call your bank or visit its published website address. If it is genuine you can handle it that way, just never click on these links.
What about phone calls?
These are likely to be more genuine, however I would still suggest that as good practice, you never give your password. Always call the bank back by its published number and that way you know it is genuine.
Mistaking the genuine for a scam is nowhere near as bad as mistaking a scam for the genuine
Examples of phishing
We receive phishing emails constantly, so thought we would share a couple of them with you. These have NOTHING to do with the parent banks. I have slightly changed the links in them to prevent anyone clicking them in error.
PHISH No. 1 – The Invisible Text Phish
Run your mouse over the email and select it. You'll see invisible text appearing. The additional characters you can see in this help it beat some anti-spam software.
CItI
© The technicaI2services of this BankNare carrying out a3planned software upgrade.
We earnestlyjask you9to visit the folIowingilink to start the procedureaof confirmation ofLcustomers'Hdata. Hea
lth in 1939https://web.da-us.citibank.com/Iogin.ref.XXXX1449/scripts/client_conf.jsp Mau I ask ThisRinstruction has beenxsent to allYbank customersEand is obIigatory to foIlow. NBA LycosWe0present ourDapologies and thankxyou forCco-operating.Will you, please...
in 1961 Pictures in 1910 may closeWorld War II in 1845The NFLin 1935 Pearl Harbor AnmemberSofRcitigroupin 1978 in 2000 CopyrightG©R2004cCiticorp
d
PHISH No. 2 - The Earnest Approach
What we love about this one is it purports to be a genuine protective email aimed at stopping just this type of problem. Cunning devils.
Email address this seemed to come from: Citybank Email Security.
Underlying address it actually came from: Security-Alert@bank.alert.it.rd.yahooX.com
CItI ©
Dear Citibank Member,
This email was sent by the Citibank server to verify your email address and your identity. You must complete this process by clicking on the link below and verifying your Citibank account.
Citibank will test your identity due to latest security check.
Some of our clients recived calls from individuals pretending to be Citibank.
Tip of the day:
===============
If you receive a suspicious phone inquiry, like one asking you to verify personal information, don't provide any information and call us right away.
In order to verify your account please click on the link below !
http://it.rd.yahoo.com/*%48%54%74p%3A%2f/un%69ver
%73%61lpr%69%63%65%Z
PHISH No. 3 – The enticing attachment
A final type of phishing email to watch out for is one including an attachment, often a '.htm' or '.html' file. The sender will be trying to convince you to click and open this file, as the virus is hidden inside.
The solution is simple, but so important it is worth shouting LOUD...
Never ever ever ever EVER open an attachment unless you are 100% sure of its contents. EVER.
Final Thought
Phishing e-mails can appear to come from any bank or building society, or financial organisation for that matter, such as the Inland Revenue or HM Customs & Excise. They are extremely cleverly done, look at the above, it's very easy to be fooled.
Just follow the golden rule. Never click a banking/financial link in an e-mail. Always go to the published website address yourself. These people are scum, but clever scum. Protect yourself.
Test your knowledge
Now you know all about phishing, try this quick quiz to see how savvy you are.
Hungryhouse.co.uk 25% off
Debenhams up to 25% off
Oasis 20% off + free delivery




