What is Phishing?
Internet Marketing Dictionary
Phishing is a process used by internet fraudsters to get login
details for bank accounts etc. They send out emails that look as
though they come from a genuine business and that invite the
reader to log in to their account to update or confirm their
username or password etc.
Typically an email would be created to look as though it
came from a bank. So, for example, it would include images of
the bank's logo, and other branding features so that it looked
exactly like you would expect an email from the bank to look
Included in the phishing email would be a link that was also
designed to look like a genuine link to the bank or credit
card company etc.
However, when you click that link you actually get taken to
a fraudulent website that looks like the real thing but which
in fact is controlled by fraudsters.
On this website would be the standard login forms to fill
in, and if you fill them in, your login details go straight to
the fraudsters' own systems. This means that they can
then use these to access your real account and steal money
One way of spotting a phishing email is to look at the
source code of the email and see the actual web address of any
links. In many phishing emails these addresses look genuine
enough but there are always one or two that take you to the
For example, a phishing email may contain links to your bank's
website in order to display the bank's logo in your email. But
the links to your login page will actually be links to a fraudster's
To make this even more confusing, these fraudster links are
often constructed so that they look genuine at first sight. To
give you an example, suppose you bank with Citibank. You might
expect to see a link with citibank.com in it such as this one:
http://www.citibank.com.fraudsterssite.cn. But that
link would actually take you to the website
fraudsterssite.cn and not Citibank's website.
The key way you can protect yourself from phishing is always
to navigate directly to your bank's website and never click a
link in an email - no matter how genuine it appears to