src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
Booking tickets, trading in shares or even paying bills online? Watch out for fraudsters lurking on the World Wide Web
d be very subtle—www.icic.com (the missing letter ‘i’ at the end) or www.paypa1.com (the numeral ‘1’ instead of the letter ‘l’).
The danger
If you comply with the request, the information that you pass on could be used in some other part of the world to transact in your name.
As a thumb rule, never provide financial or personal information in response to unsolicited messages, says Bala Girisaballa, vice-president and head of marketing and product management at iViZ Techno Solutions, an information security company with its headquarters in Kolkata.
What is it?
A common form of phishing (pronounced “fishing”) is the email you would have received from a website that mimics, as precisely as possible, a genuine one belonging to a reputed establishment such as a bank. The difference could be very subtle—www.icic.com (the missing letter ‘i’ at the end) or www.paypa1.com (the numeral ‘1’ instead of the letter ‘l’).What you need to be extremely careful about is that the sender will invariably ask you to verify your online password, credit card number, personal identification number, date of birth or other personal information to dupe you.
The danger
If you comply with the request, the information that you pass on could be used in some other part of the world to transact in your name.
Phishing attacks could also infect your system with malicious software such as a remote-access Trojan (RAT), spyware that records and transmits every transaction you execute on your computer to the cybercriminal.
There are other variants of phishing that essentially play on a range of emotion such as generosity, greed, fear and even lust to trap an unsuspecting user
Protection
As a thumb rule, never provide financial or personal information in response to unsolicited messages, says Bala Girisaballa, vice-president and head of marketing and product management at iViZ Techno Solutions, an information security company with its headquarters in Kolkata.
Keep in mind, he says, that your bank will never ask you for any such details. Girisaballa also offers the following tips:
1. Do not open attachments received from an unverified source.
2. Report suspicious emails as spam. Service providers such as Hotmail and Gmail offer a facility to report spam and phishing attacks.
3. If it has come to your company email id, inform your IT department.
4. Protect your computer with open-source anti-virus software such as Clam or free anti-virus software such as AVG or anti-spam software from organizations such as McAfee and Symantec.
Captain Raghu Raman, CEO, Mahindra Special Services Group, a firm that specializes in corporate security management, also advises net users to type in the desired URLs instead of clicking links, and cautions against transacting online at cybercafés.
But what about those who’ve been hit? Says Girisaballa: “You don’t have many redress options. However, if a bank’s credit card is involved, inform them of the transaction immediately. Often, credit card transactions can be waived and the card can also be blocked. Having said that, the best option is to ensure you are transacting only on legitimate websites.”
No comments:
Post a Comment