What is Phishing?

By Lauren Barack

March 24, 2005- No, we haven’t turned off our spell check, nor are we about to start chatting about tackle, lines. and boats. Phishing is one of the latest ways hackers are using to steal information from Internet users.

Like the name suggests, the hacker tries to “phish” information from unsuspecting users by sending them an email that directs them to a fake Web site. The most common fakes? An email that purports to come from a bank like Citibank, or an online site like eBay or even an Internet Service Provider like EarthLink. The email itself is also faked by cutting and pasting in logos that look like the corporation’s own. But when recipients click on the link, it directs them to a fake Web site where they can be directed to type in their passwords— which the hacker then uses on the legitimate site to steal information or money.

Even worse is a new type of blended phishing that sends users to the legitimate Web site — but still manages to steal their information. In this case, users are sent a spam from their bank or ISP that looks legitimate, but is faked. Recipients who click on the link are taken to the bank’s actual Web site, but the link itself can load a virus onto the user’s desktop that can then steal personal data.

The lesson here? Never click on any link from a bank, ISP, online e-tailer or frankly anyone that asks for more information from you. A legitimate business will not solicit data from you by email — they still use the old-fashioned routes of U.S. mail or even phone. Sure that phone call during dinnertime is irritating, as is the mountain of solicitations that end up in the recycling bin each month. But somehow that’s a little more tolerable than having some 17-year-old trolling through your tax returns — and then finding your bank account drained the following week.





		What is Phishing? By Lauren Barack March 24, 2005- No, we haven’t turned off our spell check, nor are we about to start chatting about tackle, lines. and boats. Phishing is one of the latest ways hackers are using to steal information from Internet users. Like the name suggests, the hacker tries to “phish” information from unsuspecting users by sending them an email that directs them to a fake Web site. The most common fakes? An email that purports to come from a bank like Citibank, or an online site like eBay or even an Internet Service Provider like EarthLink. The email itself is also faked by cutting and pasting in logos that look like the corporation’s own. But when recipients click on the link, it directs them to a fake Web site where they can be directed to type in their passwords— which the hacker then uses on the legitimate site to steal information or money. Even worse is a new type of blended phishing that sends users to the legitimate Web site — but still manages to steal their information. In this case, users are sent a spam from their bank or ISP that looks legitimate, but is faked. Recipients who click on the link are taken to the bank’s actual Web site, but the link itself can load a virus onto the user’s desktop that can then steal personal data. The lesson here? Never click on any link from a bank, ISP, online e-tailer or frankly anyone that asks for more information from you. A legitimate business will not solicit data from you by email — they still use the old-fashioned routes of U.S. mail or even phone. Sure that phone call during dinnertime is irritating, as is the mountain of solicitations that end up in the recycling bin each month. But somehow that’s a little more tolerable than having some 17-year-old trolling through your tax returns — and then finding your bank account drained the following week. Back to Top