You Are Here: Home >
E-mail Safety & Security > The Dangers of Phishing
The Dangers of Phishing
The great thing about the Internet is that anyone can set up a website. You don't need permission, and the software to do it relatively cheap.
The downside is that this allows people to duplicate the look of sites, but on their own servers.
Why is this important? Because if someone copies the look of your bank's website, then you go to that site thinking it is the real deal, you may enter your login details onto the fake site. And this means that they can now use the details you've just given them to log into your account and clean it out.
There is one problem - how do they get you to visit their site, and not the official site you normally go to? The answer is to send you an e-mail, appearing to come from your bank, and asking you to log in via a link.
Bank websites are now very secure - it's very difficult for a hacker to force their way in. The weakest part of the system are the users. If you can trick them into handing over the details, there is no need to try to hack their way in.
But how do they know which bank you are with?
They don't. They just have to guess. The simplest way is to use the biggest banks, to give them the best odds that you'll have an account. That's why you probably get e-mails from banks you've never used asking to log into your account.
PayPal is also an easy target, since there are so many accounts - and it is a web-based account, so people are used to getting e-mails from them.
It's not just banks that Phishing affects. Any website that has a login system can be vulnerable - ebay, hotmail, etc.
How to stay safe
As a general rule, NEVER use a link in an e-mail to access your bank account, or any other service that is important to you. Go to the official website in your web browser (Google the name, and click on the first result after the ads).
Keep your computer security up-to-date, so that your browser isn't hijacked and you are redirected from official websites to their phishing counterparts.
If in doubt, call the company and speak to someone in person. You should never be asked for your passwords, so if you are - hang up.