WHAT+IS+PHISHING?

The act of sending an [|e-mail] to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a [|Web site] where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has.



 A few clues can help you spot fraudulent e-mail messages or links within them. ==**What does a phishing e-mail look like?** == Phishing e-mail messages are designed to steal your identity. They ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data. Phishing e-mail messages take a number of forms:  Here is an example of what a phishing scam in an e-mail message might look like.  Example of a phishing e-mail message, which includes a deceptive Web address that links to a scam Web site. To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site. Here are a few phrases to look for if you think an e-mail message is a phishing scam. **"Verify your account."** Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail. <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">If you receive an e-mail message from Microsoft asking you to update your credit card information, do not respond: this is a phishing scam. <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">**"You have won the lottery."** <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">The lottery scam is a common phishing scam known as advanced fee fraud. One of the most common forms of advanced fee fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. The lottery scam often includes references to big companies, such as Microsoft. There is no Microsoft lottery. <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">**"If you don't respond within 48 hours, your account will be closed."** <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">These messages convey a sense of urgency so that you'll respond immediately without thinking. A phishing e-mail message might even claim that your response is required because your account might have been compromised. ==<span style="color: #000000; font-family: Arial,sans-serif,'Trebuchet MS',Helvetica; font-size: 1.4em; font-style: normal; margin-bottom: 1em; margin-left: 0px; margin-right: 0px; margin-top: 1.3em; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">**What does a phishing link look like?** == <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">Sometimes phishing e-mails direct you to spoofed web sites. Here’s an example of the kind of phrase you might see in an e-mail message that directs you to a phishing Web site: <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">**"Click the link below to gain access to your account."** <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">HTML-formatted messages can contain links or forms that you can fill out just as you’d fill out a form on a Web site. <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">Phishing links that you are urged to click in e-mail messages, on Web sites, or even in instant messages may contain all or part of a real company’s name and are usually masked, meaning that the link you see does not take you to that address but somewhere different, usually an illegitimate Web site. <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">Notice in the following example that resting (but not clicking) the mouse pointer on the link reveals the real Web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's Web address, which is a suspicious sign. <span style="color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; line-height: 1.4em; margin-bottom: 1.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">
 * < =<span style="color: #000000; font-family: 'Trebuchet MS',Helvetica,Arial,sans-serif; font-size: 2.4em; font-weight: 100; letter-spacing: -1px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px;">//How to recognize phishing e-mails or links// = ||
 * <span style="color: #000000; color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; font-size: 1em; list-style-image: initial; list-style-position: initial; list-style-type: disc; margin-bottom: 15px; margin-bottom: 1em; margin-left: 0px; margin-left: 25px; margin-right: 0px; margin-right: 0px; margin-top: 0px; margin-top: 0px; padding-bottom: 0px; padding-bottom: 0px; padding-left: 0px; padding-left: 0px; padding-right: 0px; padding-right: 0px; padding-top: 0px; padding-top: 0px;">They might appear to come from your bank or financial institution, a company you regularly do business with, such as <span style="color: #aa3200; font-family: Helvetica,Arial,sans-serif; font-size: 1em; line-height: 1em; text-decoration: none;">[|Microsoft], or from your <span style="color: #aa3200; font-family: Helvetica,Arial,sans-serif; font-size: 1em; line-height: 1em; text-decoration: none;">[|social networking] site.
 * <span style="color: #000000; color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; font-size: 1em; list-style-image: initial; list-style-position: initial; list-style-type: disc; margin-bottom: 15px; margin-bottom: 1em; margin-left: 0px; margin-left: 25px; margin-right: 0px; margin-right: 0px; margin-top: 0px; margin-top: 0px; padding-bottom: 0px; padding-bottom: 0px; padding-left: 0px; padding-left: 0px; padding-right: 0px; padding-right: 0px; padding-top: 0px; padding-top: 0px;">They might appear to be from someone you know. //Spear phishing// is a targeted form of phishing in which an e-mail message might look like it comes from your employer, or from a colleague who might send an e-mail message to everyone in the company, such as the head of human resources or IT.
 * <span style="color: #000000; color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; font-size: 1em; list-style-image: initial; list-style-position: initial; list-style-type: disc; margin-bottom: 15px; margin-bottom: 1em; margin-left: 0px; margin-left: 25px; margin-right: 0px; margin-right: 0px; margin-top: 0px; margin-top: 0px; padding-bottom: 0px; padding-bottom: 0px; padding-left: 0px; padding-left: 0px; padding-right: 0px; padding-right: 0px; padding-top: 0px; padding-top: 0px;">They might ask you to make a phone call. //Phone phishing// scams direct you to call a customer support phone number. A person or an audio response unit waits to take your account number, personal identification number, password, or other valuable personal data. The phone phisher might claim that your account will be closed or other problems could occur if you don't respond.
 * <span style="color: #000000; color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; font-size: 1em; list-style-image: initial; list-style-position: initial; list-style-type: disc; margin-bottom: 15px; margin-bottom: 1em; margin-left: 0px; margin-left: 25px; margin-right: 0px; margin-right: 0px; margin-top: 0px; margin-top: 0px; padding-bottom: 0px; padding-bottom: 0px; padding-left: 0px; padding-left: 0px; padding-right: 0px; padding-right: 0px; padding-top: 0px; padding-top: 0px;">They might include official-looking logos and other identifying information taken directly from legitimate Web sites, and they might include convincing details about your personal information that scammers found on your social networking pages.
 * <span style="color: #000000; color: #000000; font-family: Helvetica,Arial,sans-serif; font-size: 1.2em; font-size: 1em; list-style-image: initial; list-style-position: initial; list-style-type: disc; margin-bottom: 15px; margin-bottom: 1em; margin-left: 0px; margin-left: 25px; margin-right: 0px; margin-right: 0px; margin-top: 0px; margin-top: 0px; padding-bottom: 0px; padding-bottom: 0px; padding-left: 0px; padding-left: 0px; padding-right: 0px; padding-right: 0px; padding-top: 0px; padding-top: 0px;">They might include links to spoofed Web sites where you are asked to enter personal information.