I know growing up as a child, I loved to go fishing. I never caught very many fish, but just being out on the water “drowning worms” was good enough for me. As the years have passed, though, a new kind of “phishing” has emerged.
The term phishing refers to luring techniques used by identity thieves to fish for personal information in a lake of unsuspecting Internet users.
Their purpose is to take this information and use it for criminal objectives such as identity theft and fraud.
Phishing is a general term for the creation and use by criminals of emails and websites – designed to look like they come from well-known, legitimate and trusted businesses, financial institutions and government agencies – in an attempt to gather personal, financial and sensitive information.
These criminals deceive Internet users into disclosing their bank and financial account information or other personal data such as usernames and passwords.
Today a new form of phishing appears to be spreading through social websites such as Facebook. This new scam works like this.
As soon as you login to the site, it will steal your email and password and then log you into Facebook. Within a short period of time the system will automatically switch your password and block you from the site. It then begins to send the same URL to all of your Facebook friend’s inboxes.
As this spreads, the criminals gather thousands of email addresses and passwords before Facebook can stop all references to the website.
The scammers have developed a method to duplicate the scam immediately and the next thing you know they have four or five phishing scams going on at the same time all over Facebook. This allows them to gather hundreds of thousands of victims very quickly.
It is not known yet what these people intend to do with all these addresses, but you can almost guarantee that they will result in a malicious worm at some point. The potential to access a user’s financial information and accounts could result in the loss of millions of dollars.
Another form of phishing is called “in session” phishing. This form does not use email nor does it rely on the user having to be tricked into clicking on a link.
It works like this. Let’s say you go to your banking website that is secure. You login and take care of your business, then leaving that browser window open you innocently go to another website that has been compromised. All of a sudden a pop-up asks you to validate your login to continue your banking session.
Remember two things must happen in order for this scam to work. First, a website must be compromised and infected—the higher traffic the better, obviously.
Second, the downloaded malware must be able to identify whether or not the unknowing user is logged into a relevant website.
Most banking institutions have taken steps to prevent this. One step is having a rapid disconnect of an idle session.
But in order to be safe we would recommend closing all browser windows after you have visited a secure banking website.
In addition it is very important to keep your system free of all spyware, malware and viruses.
Tech Experts has certified technicians that clean these types of infections and malware from computers every day. We urge you to take advantage of our system checkup and cleaning service to keep your identity to yourself.