Phishing

You may have heard or seen the term phishing, or spoofing or carding, and not known what it means.

What is phishing?

Phishing is a kind of scam carried out by fraudsters who try to get hold of sensitive information (passwords, credit card details, etc.) illegally, by pretending to be someone you trust, such as your bank or a web site you are registered with.

How does phishing happen?

Phishing is usually done in an email: you receive an email that appears to be from your (or any random) bank, or a web provider, such as ebay, asking you to confirm or verify your account details with them.

The email usually contains a link to a web site which looks identical to the real one, but which has a slightly different address from the page you usually go to (e.g. www.ebay.phish.com instead of www.ebay.com). This web site will ask you for all of your account details, including all possible security questions.

If you fill in this information, the details will be sent to the fraudster, who will log in to your actual account and either transfer lots of cash or buy items using your account.

How to avoid being a victim?

If you receive an email asking you to confirm any account details, you MUST ignore it. Banks and web sites will NEVER randomly ask you to confirm your details - this is a process which only you can start.

What to do if you think someone has tried to get your information

If you receive an email asking for your details, contact your bank or web site to let them know that someone is pretending to be them.

For more information about phishing, look here on Wikipedia, an Internet encyclopaedia.