Would you like to lose all of the money in your bank accounts? Fall for a phishing attack. These are web sites which are cleverly designed to look like your real bank’s web site but which actually collect your personal information and hand it over to crooks and thieves. Here is a short story about a phishing instance, described by Netcraft in Bank Shuts Down Web Site After Phishing Attack
A phishing attack led the Bank of New Zealand to take its online banking web site offline Thursday to prevent scammers from draining customer accounts. The bank said that although there had been no threat to its Internet infrastructure, the site was shut for eight hours to protect customers who shared their banking logins with a spoof web site operated by a phishing crew.
How do you avoid getting suckered by phishing attacks? The FBI just gave a presentation to our local chamber of commerce and had these suggestions:
- Be suspicious. If you wonder whether a web site is legitimate, phone your bank and ask.
- Remember that your bank will never send you an email and ask you to re-enter your personal information on their web site to "update" their records or anything else odd. Again, be suspicious. If in doubt, phone the bank and ask if the web site is legitimate.
- If you wonder whether a web site is legitimate, try entering your real username but the wrong password. A phishing site will accept the bogus password and let you in. (Remember, the phishing site is trying to learn your password so it will accept whatever you type.) If you stumble across a phishing site, phone your bank and tell them.
Just as neither the teller at the drive through window nor the ATM machine will ever ask you for anything unusual in the way of personal information, neither should the internet. Keep that in mind; keep yourself safe.
