Phishing is a scam that comes by e-mail. The e-mail claims to be from a bank or other financial service such as Western Union, Pay Pal, e-Bay, or on-line stock broker. Often it is from an institution where you don’t even have an account, but sometimes, by chance, it’s from a place familiar to you.
The e-mail is designed to trick you into clicking a link to the phishing website, that is, a forgery of a website you trust, and entering your credit card, social security/social insurance number, password, account number, or other personal information. Sometimes the e-mail threatens that your account will be limited or other penalty if you don’t go to the phoney website, other times it promises money or other benefit. Ironically, like a self-prophesy, some e-mails warn that someone is trying to access your account, and they are right, someone is trying to access your account: they are!
A few years ago I received my first phishing e-mail; it was supposedly from Pay Pal. I clicked the link to the website and was asked to enter my account number and debit PIN. I knew Paypal would never ask for my PIN, so immediately I realized it was a phish, before I knew the term.¬† In other words, it was a scam.
My dad once entered his credit card on a phishing site. A few days later, his bank called and asked if he’d been shopping in Czechoslovakia. He was lucky his bank recognized a “phishy” purchase and contacted him.
Yesterday I received an e-mail, supposedly from the IRS, but in reality from fraudulent criminals attempting to lure me to a phoney IRS website and claim a tax refund. The creators of this phish e-mail were in such a rush they even left telltale signs of the “<" characters that happen when you copy and paste an e-mail. They couldn't be bothered to delete them. If the IRS does send e-mails to people about refunds, which I doubt, they would send more professional-looking ones. The phishermen were counting that my greed for the $300 refund would surmount any misgivings about the shoddy-looking e-mail. But it went directly into my "Bulk" folder in my Yahoo mail. And even if it hadn't, I can recognize a phish e-mail right away. So, protect your identity, be aware and learn to recognize phish too, and don't get lured into any "phishy" sites. Get your web feet wet, safely, with Ducktoes!