Phishing is a computer attack tactic whereby someone tries to gain access to sensitive information (passwords, account numbers, etc.) by fraudulently posing as something legitimate and trustworthy.
These types of crimes are VERY common. Generally, phishing attacks are email-based: a recipient receives an email that looks official and asks for sensitive information in return. Common phishing attacks include:
- Emails pretending to be from your bank asking you to reveal your account information
- Emails pretending to be from the help desk asking for username and password information
- Emails pretending to be from PayPal looking for login information
- Emails pretending to be from someone overseas who just won the lottery or received an inheritance and needs someone in the States to help bring the money in safely
More sophisticated phishing attacks may provide a link to a fake website posing as a legitimate site – it is really just a mock-up of the site you trust. These sites lure people into attempting to log in to the phony site, and the victim inadvertently passes on their login credentials.
Protect yourself! Never, EVER reveal your username and/or password to any system through email. The help desk, banks, and any other upfront, legitimate service provider will NEVER ask for personal login information or sensitive account information over email.
WHEN IN DOUBT – PICK UP YOUR PHONE! A quick call to your bank or the help desk can help dispel any confusion as to the legitimacy of a potential attack. If you suspect a site is a fake – check the website address (the URL) – if it isn’t one that you can identify as trustworthy, don’t pass along any sensitive information.
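What "check the website address" means in practice is shown in the added example below, which is not part of the original page: it pulls the real host out of a link and compares it with domains you already trust. The trusted domains and the sample links are constructed placeholders, and `check_url` is a name chosen for this illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the domains the reader already trusts.
TRUSTED_DOMAINS = {"bank.example", "helpdesk.example"}


def check_url(url, trusted=TRUSTED_DOMAINS):
    """Return (ok, reason) for a link before any credentials are entered."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        return False, "not an https link"
    if parts.username is not None or parts.password is not None:
        # Text before '@' is not the site; the real host comes after it.
        return False, "text before '@' hides the real host: " + host
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        # Letters from other alphabets can look identical to Latin ones.
        return False, "host uses non-ASCII look-alike characters"
    for domain in trusted:
        # Trusted only if the host IS the domain or ends with '.' + domain,
        # so the trusted name must be the rightmost part of the host.
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "unrecognised host: " + host


# Constructed sample links (reserved example names and addresses).
SAMPLES = [
    "https://www.bank.example/login",
    "http://www.bank.example/login",
    "https://bank.example.account-verify.test/login",
    "https://bank.example@203.0.113.7/login",
    "https://b\u0430nk.example/login",  # second letter is Cyrillic
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_url(link)
        print("OK   " if ok else "STOP ", ascii(link), "->", reason)
```

Only the first sample passes; the others contain the trusted name somewhere in the link, but not as the host that the browser would actually contact.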
Take this short and fun quiz to see if you can spot a phishing email and to learn more about protecting yourself: http://www.sonicwall.com/phishing/