- The word "phishing" is used to describe hackers and cyber-criminals "fishing" the Internet for personal information such as credit card numbers, bank account information and passwords. The idea behind the term is that if they send out enough fake emails, some receivers will surely "take the bait." For example, the phisher may send out a mass email impersonating a popular bank and requesting your account information for maintenance purposes. If you're a member of that bank, you may think it's legitimate. Phishers may use the info they glean to gain access to your account and steal your money.
- Spoofing is a broad term used to describe a website, email or even caller ID entry made to trick you into thinking it's something that it's not. According to Terry Zink, a Program Manager for Microsoft Forefront Online Security, spoofed websites and emails often attempt to get you to unwittingly download malware and viruses. Spoofed websites and emails usually look fairly legitimate; sometimes even containing logos and disclaimers from the company they're spoofing.
- Hackers using phishing tactics to acquire your personal information often use spoofing in an effort to convince you to give up the info. If they're trying to get your bank account information, they may send you an email seemingly from your bank, include the banks logos and a spoofed "From" line to reflect a false sender. The email may even link to a spoof of your banks website, only the phishers are using it to give you a false sense of security, not to give you viruses or other harmful files. If they trick you into thinking you're on your bank's website, you may be more likely to give up your information.
- If there are any doubts in your mind regarding an email or website's authenticity, get out. Common giveaways include misspelled words, bad grammar, slightly incorrect Web addresses and incorrect website suffixes. For example, a spoof may replace "L" or "I" in a Web address with the No. "1." If you're unsure about a Web address, type the correct URL into the address bar yourself. Keeping your antivirus, antimalware and firewall up-to-date increases the chances of spoofing and phishing scams getting detected and blocked before you're fooled.
previous post