|
It has been recently reported that phishing attacks
(spoofed emails that appear to be from reputable organisations collecting
personal and confidential information from unwary users) are on the
increase, with a single attack having a success rate as high as up to 14%
within 24 hours. A typical phishing scam will be an email claims to come
from a bank or other financial institution. Such emails typically ask you
to provide information that the organisation should know already, so be
wary of responding to or clicking on the links to the emails. It is
strongly recommended you delete these emails.
When we last reported on the topic in our
July/August 2004 newsletter, phishing was
an almost unheard of topic to most computer users, with only 5% success
rate, but nowadays most spam that arrives in our inbox also is likely to
be part of a mass phishing attack.
To ensure that you do not become a statistic, ensure that you follow
these suggestions:
 | Be cautious when opening emails, even if they appear to be from
someone you know. |
| Don't open attached files in an email you were not
expecting to receive. |
| Manually enter the correct web address for websites, or create a
favourite/bookmark to it. Never click on links contained within the
email itself. |
| Ensure you have Internet Security software installed and keep
it
updated. |
Our advice is that you never respond to such an email,
and that you confirm with the organistion that it is fraudulent and then
delete it. Most organisations would not request such personal information
from its clients over the internet.
If you are unsure whether or not an email you have received is actually
genuine, contact the organisation by phone or visit their website. Do not
use the details provided in the email itself, look up the correct details
in the phone book or visit their website.
To help you become aware of phishing emails, here are
some samples:
Sample Phishing Email from Commonwealth Bank
Sample Phishing Email from National Australia Bank
Sample Phishing Email from
VISA
Please also see
Be Wary of Phishing - Part 1 for more
information. |
