It's so nice to think that everyone has your best interest at heart, that everyone is in it – whatever "it" is – for the right reasons. While this may be a warm and fuzzy thought, it's not realistic. Not everyone has the best intentions. It is not a negative thought, it is the truth, and one that you must be aware of, especially now that everyone and everything is connected through the World Wide Web. And the truth is, spyware and malware scams are attached to more web pages and emails than you can imagine.
The internet is one of the most influential inventions, nay, phenomenons, in the history of the world. The web connects billions of people around the world every day, but not all of those people want to connect with you purely for social reasons. Many are waiting for you to access their spam message, pop-up, email or website as to gain your trust and access your information.
This act of accessing your data online is known as phishing. According to the Anti-Phishing Working Group (APWG), "Phishing is a criminal mechanism employing both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials." To protect yourself from this criminal activity, we recommend investing in anti-spyware software such as Spy Sweeper, CounterSpy, STOPzilla. This anti-spyware software is designed to block phishing scams, keeping you and your information safe from prying eyes.
In addition to investing in anti-spyware software, the APWG has more advice for consumers on how to avoid phishing scams:
1) Be cautious of emails urging you to share your personal financial information.
- These emails usually include requests for your date of birth, social security number, credit card information, usernames and passwords. Most legitimate businesses will not ask for this information in an email.
2) Do not click an unknown link in your email or chat message.
- If you receive an unknown link through an email, instant message or chat, do not click to access the link. To make sure the link is not leading you into a phishing trap, you can Google the supposed company who sent you the link and contact them via telephone to verify the email.
3) Do not fill out forms that come through your email requesting your personal finance information.
- Contact the company directly. Once you've deemed them trustworthy, you can give your information via telephone or the company's secured website.
4) Be aware of the websites you're visiting and always, always check the address line to determine if it is a real website or not.
- The web address you see should be obviously related to the company or group who publishes the website. For example, be wary if you're on a site that says it's hosted by the American Red Cross but "RedCross" does not appear in the URL.
5) If you believe you have received a "phishing" email, report it immediately. Forward the entire original spoofed email to the following organizations:
- The Federal Trade Commission at email@example.com
- File a complaint on the Internet Crime Complaint Center of the FBI at www.ic3.gov
Social engineering schemes, as the APWG explained it, can appear in a variety of ways, including emails that have a professional look and feel. Many consumers will believe these emails to be from real businesses and will divulge their passwords and usernames without a second thought. Now that this information has been retrieved, the authors of these "technical subterfuge schemes" wedge their corrupted hardware into your PC, where they can more easily obtain your financial and other personal information. Some of this hardware is even designed to monitor and track your keystrokes.
We do not want to scare you away from ever using your computer again, but we want to remind you to be aware of any emails, pop ups or websites you may access. If you are interested in anti-spyware software, which will protect you from spyware and phishing scams, we suggest you check out our anti-spyware software website as well as additional articles on anti-spyware located in our Learning Center.
For more in-depth information, including pie charts and line graphs with phishing numbers and data, visit the Anti-Phishing Working Group at antiphishing.org.