Monday, October 22, 2007

Phishing: beware

5 of my friends have been victimized by phishing in their yahoo! instant messenger. But what is phishing really? According to wikipedia, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging, and often directs users to enter details at a website, although phone contact has also been used. Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.

What damage can it do to you? Well, first is that you lose your account (in this example you lose your yahoo email ). Your private information get exposed to the hacker and your friends account can potentially be hacked as well, because the hacker will use your account to continue the phishing process. Unfortunately, this time, the hacker have trust factor, because the hacker is pretending to be you.

How to detect and prevent this?


1) Make sure never to login or put your account to any URL link that they gave. No matter how real it is. Take note, that sometimes, you will receive a fake email stating that you need to renew your password. If this happens, make sure to contact the website itself. (This actually happened to me. I received a fake Amazon email ).

2) If a friend tries to chat with you, make sure to ask your friend's information to know if its really your friend. Hacker doesn't know you, so he/she will rely on your email for information regarding you, to victimize others.

3) Always make a habit to sign-out everything you're done with your account.

4 comments:

Unknown said...

Oh that's good info... but for me, it's too late now. BUT a very good lesson learned! I never thought it could happen to me. Now that it did, I will be more vigilant and will really be more alert/aware of who's out there in the online world. It's so easy to be trusting in Yahoo chats knowing (assuming!) you're with FRIENDS... Careful, careful.

Vincent Gellera said...

Ems,

You can still retrieve your Yahoo ID. Just call the Yahoo Customer Support +1 (866) 562 7219

Unknown said...

When Microsoft designed Windows, they have a mindset that all is good and everybody are helpful online.

Unlike Mac OS X, which is based on UNIX. UNIX was designed to be used by the military which treats everybody as an enemy unless proven otherwise.

So on the web you could either be a Windows or a UNIX.

diobert said...

"Trust men and they will be true to you; treat them greatly, and they will show themselves great."
-Ralph Waldo Emerson

Phishers misuse trust, trust them and they will trick you; treat them greatly, and they will show you what a great thief they are.

Practical Kanji