Guide to Avoiding Phishing Scams

Online banking is considered to be one of the greatest innovations in the banking industry because it makes banking and financial transactions more convenient for both clients and banks. Its popularity has brought many benefits to banking processes, but it has also led to a number of problems that complicate and endanger certain banking transactions. One of the trickiest ways of illegally interfering with banking operations is the phishing scam. The term phishing is considered by many to be a modified form of fishing, because it describes illegally fishing for confidential information for personal financial gain. Phishing uses bait in the form of very convincing mock emails to catch fish in the form of financial information, usernames, or passwords.

The Scammer's Plan

The main objective of a phishing scam is to acquire personal data from other people. Confidential information such as full names, usernames, passwords, account numbers, PIN codes, credit card details, social security numbers, dates of birth, addresses, contact numbers, mother's maiden name, and ATM codes are just some of the things that scammers usually ask for in phishing emails. When you respond to the phishing email by visiting the given link and updating your particulars, the scammers will then try to use the information you provided to steal your assets by illegally accessing your account.

The Fake Email

The act of phishing begins with a fake email and a link manipulation technique. The scammers, who wish to illegally gain access to the financial accounts of other people, start the process by collecting email addresses of potential victims. After acquiring the desired number of email addresses, the scammers send a similar email to all of the gathered addresses at once. The email is specifically designed to look legitimate enough that recipients will think it really came from a financial institution, a trusted business, or a famous bank. The email usually states an urgent request from the bank which asks you, the email recipient, to update your personal data or "verify your account" settings. Because such requests are always suspicious, the scammers also include a "legitimate" reason why the financial account or the personal information has to be updated or verified. Some of these very convincing reasons include a technical error in the account settings, a suspension of the account due to some unexplainable event, or a deposit of a huge sum of money in the financial account. If you accept the reason given in the fake email, you will be asked to click on the provided link, which is said to direct you to the website where you can update the necessary information.

The Mock Website

When you click on the link given by the fake email, you are directed to a mock website. The mock website, like the fake email, is carefully designed to look as authentic as possible. This technique is called website forgery. The scammers today are so smart that their deception can go as far as altering the address bar. Using some JavaScript commands, the scammers are able to present a legitimate-looking URL in the address bar so that you are made to believe that the website you are currently visiting is the real thing. The mock website contains a real-looking security certificate and an authentic-looking company logo to avoid any suspicion.

The Fraud Identification

To identify whether an email was sent by online banking phishing scammers, look for some doubtful phrases. An email that starts with "Dear valued customer," is probably a message that was sent in bulk, just like phishing emails. An email which doesn't contain your name but claims to be an authorized one may be a fake. Another phrase to look for is "verify your account." A lot of financial institutions constantly remind their clients that they do not usually perform very confidential processes such as account verification via email, because transferring important information through the Internet may be very risky. "Click the link below to gain access to your account" is one of the most common indicators of a phishing email. If that phrase appears in the email you received, try pointing the cursor at the provided link. If the address revealed by the cursor is different from that of the link given in the email, then chances are that the link is a fraud.
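
The checks described above can be automated. The following Python is an added example, not part of the original guide: it flags the three phrases the article lists and any link whose visible address differs from its real destination. The function names and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Phrases the article names as signs of a bulk phishing message.
PHRASES = ("dear valued customer", "verify your account",
           "click the link below to gain access to your account")

class LinkCollector(HTMLParser):
    """Collects all visible text and (href, visible text) for each <a>."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._text = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(value):
    """Lower-case hostname of a URL-like string, or '' if there is none."""
    try:
        return (urlparse(value if "://" in value else "//" + value).hostname or "").lower()
    except ValueError:
        return ""

def phishing_indicators(html_body):
    """Return the indicators from the article found in an HTML e-mail body."""
    parser = LinkCollector()
    parser.feed(html_body)
    body = " ".join(" ".join(parser.text).lower().split())
    found = [f"phrase: {p}" for p in PHRASES if p in body]
    for href, shown in parser.links:
        shown_host, real_host = host(shown), host(href)
        # Compare only when the visible text itself looks like an address.
        if "." in shown_host and " " not in shown and shown_host != real_host:
            found.append(f"link mismatch: shows {shown_host}, goes to {real_host}")
    return found

# Constructed sample message; the domains are reserved example names.
SAMPLE = """<p>Dear valued customer,</p>
<p>Please verify your account.
<a href="http://login.example.net/update">https://www.bank.example.com</a></p>
<p><a href="https://www.bank.example.com/help">Help centre</a></p>"""
```

Calling `phishing_indicators(SAMPLE)` reports two phrases and one mismatched link; the "Help centre" link is not flagged because its visible text is not an address.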

Improving email protection has caused phishing scammers to develop the filter evasion technique. Filter evasion, as its name suggests, is specifically created to avoid anti-phishing email protection like firewalls and virus protectors. Because they are carefully designed to appear as legitimate as possible, phishing emails are allowed to pass through by unsuspecting spam filters. To make it harder for phishing emails to reach your inbox, try downloading anti-spyware tools and phishing filters to enhance the email protection of your computer.
