What is it? Phishing is the act of sending a fraudulent mail to someone under the disguise of a legitimate name or organisation. The intention is to dupe the recipient of the mail into believing they are accessing a bonifide website when they are in fact unintentionally handing over private and confidential information to cyber criminals.
What does it look like? Most current phishing mails are designed to take you to a fake copy of a well established business. They achieve this by asking you to reset your password or to inform you of new banking services. In other cases, they use their own form of irony; “We suspect someone may have tried to illegally access your online banking account in the past 24 hours. Was this you? Please check your account now. Visit http://www.yourbank.ie and reset your password to protect your account”.
After clicking on the link, the user is taken to an exact copy of their bank where they begin to enter their online passwords. After a few unsuccessful attempts, the criminals will now have enough information to access your real online bank account. Chances are, they’ll have emptied the real account while you’re still wondering why after 10 years of using the same online password, it has now suddenly decided to not work!
Any request asking you to ‘please verify your account’ or to ‘confirm your login details’, that you yourself have not initiated is almost definitely a scam.
To avoid becoming a victim, only visit a website where you have to enter your login details by typing the address manually.
Update: 12th March 2010. Here is an in-depth article on a phishing scam we recently received.