Ecommerce is big business. Hundreds of billions of electronic transactions occur globally each year and this figure is set to continue to rise. Unfortunately as this business has grown it has become prey to some nefarious operators who are keen to get their hands on a slice of the money by any means necessary. Hackers have managed to come up with many devious ways of intercepting sensitive information through the use of malware like viruses and Trojan horses. One method which has been responsible for theft of vast sums of money is known as ‘phishing’.
What are phishing scams?
The word phishing refers to a term where email lures are used to ‘phish’ sensitive data like bank logins and passwords from unsuspecting victims. The use of ‘ph’ instead of an ‘f’ in the word comes from early hackers that were known as ‘phreaks‘.
Phishing scams have been around since the mid 1990′s and since their initiation they have grown and developed in order to evade detection. The original method of deceiving users into replying to e-mail requests for passwords and credit card details has now evolved to include fake web pages, installation of Trojan key-loggers, man-in-the-middle data proxies and screen captures.
All of these methods are delivered through electronic communication channels and target sensitive information belonging to the victim.
As a result of the high success rate of phishing scams these systems now even include fake job sites or job offers. Applicants are attracted with the promise of high earnings for a small investment of time. In order to participate all they are required to do is to create a new bank account, then take the funds that have been transferred into it, less their personal commission, and transfer it forward as an international money order. This is money laundering and although the victim here might not lose their own personal funds it is possible to suffer prosecution and even imprisonment as a result of this ruse.
How to spot suspicious signs
Luckily, although hackers are technically gifted, they are also prone to making mistakes and there are plenty of tell-tale signs that will let you know that the email you have received, or the webpage you are on, is part of a phishing scam. If you have an email from a company that you have not dealt with before, it is probably part of a scam.
Phishing emails often have small spelling and grammar mistakes which you will not find if the source is legitimate. Pay close attention to the senders address and if you are unsure compare it with other emails that you have had from that bank or business. If the message requires an immediate response or contains a threat of legal action it may also be part of a con. You should also pay close attention to the security certificates and web address for any site that you are on. Secure web addresses will start with https and display a padlock symbol to show that they are safe.
[Recommended read: How to Detect Malicious Websites]
How to make sure you don’t become the victim of a phishing scam
You do need to pay close attention to what you are doing when performing transactions on the internet. Take care with any emails that you receive and check them carefully before you proceed. Do not click on links in messages and use the address bar on your internet browser to locate websites to check their level of security. As a general rule of thumb, if you don’t think it looks right, do not enter your information.
[Read also: How to Stay Safe Online]