Today's posting is designed to help the business education student, in particular, the computer science student in understanding the concept of phishing, recognizing when it may be happening, and what to do if it does.
Phishing, the act of deceiving an internet user into believing they are doing business with a legitimate organization by creating a fake website.
PandaLabs recently reported a high of 57,000 fake websites created in one week, designed to steal from various internet users. About 80% of them employ phishing techniques to trick users into entering personal information that could be used to access users accounts. Computer science and business education students are common targets for such activity due to the amount of business done in an online environment coupled with their lack of in-depth experience with such activity. One can see from the chart below how widespread the nature of the attacks really is today.
 |
Chart shows business categories targeted by phishers and respective proportion of fake sites.
Panda Labs' study showed that 375 branded firms were used as the 'bait' companies with eBay and Western Union being used 54% of the time when combined. Particular attention should be paid to anything coming in the name of either company. Phishing works by sending an email that appears to be from one of the major banks or other internet-based companies to potential customers of the organizations. They typically claim to need the user's personal information to verify or update the account. Once the user enters the information into the form provided or the website they are directed to, the scam goes into action. The con-artists will then attempt to use the personal data to access the real accounts in an attempt to steal money or perhaps the user's identity. Once this is done it is very difficult for the user to recoup lost funds and correct credit history damage.
Major providers of internet security tips, such as Microsoft offer information free of charge on sites such as: http://www.microsoft.com/athome/security/email/phishing.mspx?ifs=0 or the video below. (If the video does not play in your video display, it can be located at www.microsoft.com/athome/security/email/phishing/video1.mspx)
The bottom line in internet security and with phishing in particular is to be cautious and question everything. Keep all passwords as strong as you can make them by not including proper names, birthdays, or numbers other can guess like addresses or zip codes. When in doubt, research it! If that does not provide enough comfort, don't reply to the questionable requests and report them as potential scams. The FBI maintains a website dedicated to identifying scam emails and websites and offers a reporting link for suspicious activity. The website can be found at http://www.fbi.gov/cyberinvest/escams.htm.
Be cautious! Be safe! |
Great point. Most students think that if it looks legit, then it is. Wrong, Internet safety is important and should be addressed accordingly in the classroom. Cool video!
ReplyDeleteI found a good training ground for "Seeing does not have to mean believing" at this website: zapatopi.net/treeoctopus.html
ReplyDeleteThe kids look at the Photoshopped pics and think it's real. It doesn't help when a reputable retailer like Cafe Press (www.cafepress.com/treeoctopus/) sells merchandise to help support the conservation effort. It goes to show you the old addage, "B/S baffles brains" works all too frequently.
Ryan... The detailed information you have provided to students along with supporting media is helpful.
ReplyDelete