Phishing: What is it and how can you protect yourself?
Article by: HAVRE HAMILTON
Technology Director 1st Liberty Federal Credit Union
      The definition of phishing is the act of sending a fraudulent e-mail masquerading as a trustworthy person or business in an attempt to obtain sensitive information. The fraudulent e-mail will contain a link directing a person to a carefully crafted replica of a trustworthy business’ website where they’re asked to provide passwords, credit card, social security, or account numbers.
      Did you know:   The word “phishing” comes from the analogy that Internet scammers are using e-mail lures to fish for passwords and financial data from the sea of Internet users. The term was coined in 1996 by hackers who were stealing AOL Internet accounts by scamming passwords from unsuspecting AOL users. Since hackers have a tendency to replacing “f” with “ph” the term phishing was derived.
      There are some simple ways to determine if an e-mail is not a legitimate communication from a trustworthy business. There may be grammatical or spelling mistakes—especially when scams originate outside of the United States. The e-mail will have a generic greeting like “Dear valued customer”—many businesses, including 1st Liberty FCU will use your first or last name when communicating via e-mail. The e-mail may contain an apparently valid link that takes you to a bogus replica of the business’ website. Often the e-mail will also create a false sense of urgency by stating your account will be disabled or closed if you do not click on the link to provide the necessary information. The whole intent of the e-mail is to persuade you to click on the provided link.
      If you receive an e-mail that you believe is a phishing attempt it is important that you notify the targeted business. Be sure to permanently delete all copies of the e-mail so you will not accidentally click on the link. If you do feel that an e-mail may be legitimate you can always call the business directly or visit the business’ website to handle the matter.
      The people behind these phishing expeditions range from small time scam artists to international organized crime rings. Their intent is to gather this information to commit identity theft, credit card fraud, or other financial loss. Phishers harvest e-mail addresses off of websites, forums, compromised mail servers, and spam lists. Phishing is profitable due to the sheer volume of e-mails that a phisher is able to distribute, thus it only takes a small percentage of people to provide sensitive information for it to be profitable for the phisher. Suffice it to say, phishing attempts are not going away anytime soon. The following tips can help you not to become the phishers next victim.
  1. Do not click any of the links within the text of an e-mail.
  2. Do not reply to a suspected phishing e-mail.
  3. Do not e-mail sensitive information.
  4. Be wary about opening attachments no matter who the sender is.
  5. Use anti-virus & anti-spyware software and be sure that it is updated automatically.
  6. Use a firewall (especially if you have a broadband connection).
  7. Keep your operating system fully updated with the latest patches.
  8. Review account statements for unauthorized activity.
      1st Liberty FCU is vigilant about maintaining our member’s sensitive information and we constantly review our procedures to ensure every effort is taken to keep your information secure and private. We will never at any time ask our members to provide sensitive information via e-mail. If at anytime you receive a phishing e-mail purporting to be from 1st Liberty FCU do not hesitate to call us at 800-824-0585. If you have any questions or concerns feel free to e-mail me at havre.hamilton@1stliberty.org.

Additional Web Resources:
ftc.gov/spam
antiphishing.org
microsoft.com/athome/security/email
fraudwatchinternational.com
toolbar.netcraft.com