Protect Yourself from Phishing, Vishing, Smishing and Pharming

According to the 2014 Review by RSA, the security division of EMC Corporation, Indian Internet users are increasingly targets of phishing attacks on the Internet.


Such attacks have resulted in losses of $15 million for Indian surfers in just the first six months of the previous year. Rising computer and smartphone usage and broadband Internet penetration is putting India at risk of further increase in phishing attacks. It costs only $75 for hackers to send 500,000 phishing emails which means that one just cannot afford to underestimate this problem.


Read ahead for more information about phishing and its numerous variants along with measures that can help you protect yourself.


Phishing and its Variants

Just as fishing involves placing the bait in the water and waiting for the fish to bite, phishing is an attempt by cyber criminals to con computer users into disclosing private information like PAN details, bank account information, credit card details, and other personal information that can be used for identity thefts.

The crime begins with a generic email or chat message, which invariably contain messages like:

  • Promise of foreign fund transfers
  • Opportunity to interact with attractive man or women
  • Warnings from authorities about problems in one’s banking records

The email tries to convince the reader to click on a link, download a file, or reply with certain personal and financial details. If the reader complies, the criminal will use subsequent interactions to acquire more information and details.


Vishing

Vishing refers to voice-based phishing. Now that mobile banking has become very common, criminals pretending to represent banks, credit card service providers, tax authorities, or even utility companies use social engineering techniques to trick the victim into revealing private information.


Smishing

With smart phones allowing individuals to access bank accounts on the move, cyber criminals are using text messages with links to malicious sites or phone numbers that lead to official-sounding requests for your account details, PIN, and other personal information to perpetrate identity theft.


Pharming

Pharming involves the installation of a malicious software or code on the user’s computer through emails and chat messages. The code leads you to malicious versions of your bank or credit card websites. A pharming victim ends up submitting online banking details to cyber criminals without even realizing it.


Protective Measures

Although tactics may vary depending on the medium, all crimes described above succeed primarily due to the carelessness, lack of awareness, and absence of caution on the part of the victim. The following measures can help you minimize the risk of becoming a victim of phishing and other cybercrimes:

  • Don’t disclose personal or financial information to strangers through email, chat messages, SMS, or telephone calls. The risk of offending a stranger is preferable to the risk of becoming a victim of identity theft.
  • Down download files sent by strangers even if the message does not seem suspicious.
  • Never reply to unsolicited requests from persons claiming to represent banks or tax authorities.
  • Don’t visit your bank’s website through email links. Type the address in the browser’s address bar.
  • Make sure you are not visiting a fraudulent site by checking the site’s identity information. All banking sites work with agencies like VeriSign that provide independent confirmation of the site’s authenticity. Just click on the lock adjacent to the site’s name in the address bar.
  • Install a quality anti-virus and anti-malware program in your computer, laptop, tablet, and smartphone.

Links

http://www.emc.com/collateral/fraud-report/rsa-online-fraud-report-012014.pdf

http://india.emc.com/microsites/rsa/phishing/index.htm

http://securityresponse.symantec.com/en/uk/norton/clubsymantec/library/article.jsp?aid=cs_smishing_vishing

• Site Map