What is Phishing
What is Phishing? Phishing is a huge threat that causes financial loss and undue hassles to the victims. What is important is that this phenomenon is prevalent worldwide and not only is your bank accounts at risk but your Facebook account can also be attacked.
Obviously in a financial scenario the loss is more tangible and you are more vulnerable, so we will discuss here how phishing poses a threat to your bank account and the ways to protect yourself from it.
I have number of times received SMSs and emails (and so must have so many of you) that tell me that I have won a random lottery or somebody has left me a fortune. Once I got an email that some person sharing the same surname as me died in Africa and they had traced me as his only heir (just imagine what are the odds of this happening); it seemed absurd and amusing, too.
I had to send in my bank details so that GBP 500,000 could be wired to my account—wow! This is the simplest way and the first step to lead an unsuspecting person to reveal information.
However all attempts are not so simple; often much more complex and sophisticated means are employed to get information and dupe victims.
What is Phishing?
Phishing is an attempt by unscrupulous people to try and steal your personal information; the most common way to do this is through emails. These emails appear to have been sent by well known and reputed organizations and direct you to click at a link and then submit information which can be misused later. The simplest way to avoid phishing is to know how to distinguish a phishing mail from a genuine one.
Example I: Subhash got an email from his bank which said that said in the Subject “Important: Verify your account details.” The email detailed that some failed login attempts were made in his account so he must visit the given link and verify some details. Subhash who had just started using online banking was worried he had just received his salary credit.
He immediately visited the link which prompted him to confirm his user id, password and the PAN number.
A day later he got an alert on his that Rs. 50000 had been transferred from his account to another account. He immediately contacted his bank which confirmed that his money had been transferred online to some other bank account and the bank had no control over the transaction as the login had been made with the right login and user id.
The only saving grace was that he was able to freeze transactions in his account and limit further damage.
How to Recognize Phishing Mails?
Now that we know what phishing is, let’s understand how to recognize phishing:
- Banks usually send mails with your name or surname mentioned which means that the mail is addressed to you. Phishing mails have generic greetings; if you receive a mail with generic greetings it should set off alarm bells ringing.
- An important thing to remember is that banks have all the information that they require in their database. When you fill out the account opening form you give the bank all the required information so the bank is not going to send you emails to request it again.
- Again banks never ever ask customers to reveal their passwords—on the contrary they always advise customers to be careful with their passwords and send fliers and updates for safe banking. So any message or email asking to verify your password should put you on guard.
- Phishing emails generally carry a sense of urgency and will often have words/phrases like “important,” “urgent,” and “immediate action required” in their subject line. These are designed to create a sense of urgency and confuse a customer to act rashly.
Useful Tips to Protect Yourself from Phishing
Now that we know what phishing is (and how to recognize phishing) lets understand how to protect ourselves from phishing
- Avoid using links in emails type the site address.
- In case of doubt call the bank and check
- Read the communications and messages sent by your bank; they have important information about any changes that might have been registered in your bank details. Often a fraudulent person posing as a customer will call the bank and request for an address change; when this is done they request for a new debit card. To avoid this some banks now have a cooling period where you cannot order a new card for a month or so after an address change.
- Use common sense and don’t be lured by the promise of unreasonably huge windfalls.
- Don’t give in to fear, no bank will ever close your account or even deactivate it by merely sending an email.
- Check your bank statements regularly and carefully.
- When you visit a website look for the small lock sign that appears on the end of the bar where you type your site address; this signifies that the site is secure.
What is Skimming?
Another common technique that is used for defrauding customers is Skimming. Here the information is captured from your credit card.
How it Works:
You give your credit card at a restaurant or a petrol pump and it is swiped twice. The second time it is swiped for the benefit of the skimmers. The information is stored and later retrieved for misusing. So when using a card make sure that you get your card swiped in front of you and do not hand over the card to be swiped in a back room.
Small steps go a long way; a few simple steps (and being alert) can protect you from falling in the trap of those looking to make financial gains at your expense.