ABOUT CONTACT SITEMAP

HOME CENSORSHIP SENSATIONALISM LEGITIMACY RESOURCES TRIVIA GLOSSARY

Dos and Don'ts to Avoid Phishing

---

Phishing is scary, and one sure does not want to be reported in the papers for having lost a million because of keying in account details on some fraudulent site.

These are the basic precautions that we should always keep in mind in order to recognize a phishing attempt:

DOs :

1. Always remember that banks and credit card companies will not ask for confidential information such as PIN, credit card numbers, and passwords through emails. This is a very clear step to spot phishing efforts.

2. Always key in the URL in the address bar yourself. This is to prevent phishing attempts that use a masqueraded URL, which can direct us to a fraudulent website.
There is a way to find out the real URL of a website. Just type javascript:alert("Actual URL address: " + location.href);
in the address bar and you will figure out whether a website is trying to forge its URL or not.

3. Check the security of the connection, which is often indicated by a lock icon put in the right corner of the bottom status bar or, in IE version 7.0 and Mozila Firefox, it is right beside the URL bar.

Some phishers can put a lock icon inside the web page, and if we come across such thing, it indicates that the website has been forged.

To ensure that the certificate is issued and signed by a credible company, click on the icon and you can see who the issuer is and the date of expiry. Some examples of companies issuing security certificates are Verisign and Equifax.

4. Update your operating system and your internet browser regularly. The latest version would be equipped with better phishing-detectors than the previous one.

5. Update your spam-blocker and antivirus. Fraudsters are coming up with deadlier virus technologies by the day.

6. Use different passwords for different accounts. People have the habit of using the same password for every account because it is “easy-to-remember”. Unfortunately, phishers know this very well and this makes the user vulnerable to phishing attempts.

DON'Ts :

1. Don't get pressed to divulge your confidential information easily.

2. Never click any links provided within an email, especially emails that you are not familiar with or email that vividly contain illegitimate, hyperbolic subject lines. The best method is to never open such emails, especially the ones that do not contain any subject line as it may be a virus-generating email.

3. Never fill up any forms embedded in an email.

4. Never fill in your confidential information inside a pop-up window unless you are sure of its authenticity, even if the background webpage is legitimate.