washingtonpost.com  > Technology > Tech Policy > Cybercrime

How to Fend off Phishing

Thursday, November 18, 2004; 6:55 AM

The best way to avoid becoming a phishing victim is to remember that real companies almost never send e-mail asking you to submit personal data. The message might include fancy graphics, trademark symbols and an authentic-looking e-mail address in the "from" line, but all of that can be easily faked. Here are some easy ways to tell:

* The message tries to scare you into giving up personal and financial information by saying that your account needs to be verified, updated or confirmed.

_____Related Coverage_____
Catch the Phish: Take the Quiz
Companies Forced to Fight Phishing (washingtonpost.com, Nov 19, 2004)
Phishing Feeds Internet Black Markets (washingtonpost.com, Nov 18, 2004)
Phishing Schemes Scar Victims (washingtonpost.com, Nov 18, 2004)
A Brief History of Phishing (washingtonpost.com, Nov 18, 2004)
Complete Cybercrime Coverage
_____Live Discussion_____
Transcript: Brian Krebs hosted Dave Jevans, chairman of the Anti-Phishing Working Group.

_____Message Boards_____
Post Your Comments

* The message threatens negative action -- canceling your account, for example -- if you fail to take the requested action immediately. If you think the message may be legitimate, contact the organization by phone or open a new Internet browser window and type in the company's Web address. Do not cut and paste material from the suspicious message!

* The message appears to come from a company you do business with, but it calls you "Dear Customer" instead of your name.

The Federal Trade Commission and the Anti-Phishing Working Group also offer tips on avoiding falling prey to phishing. Visit their Web sites for additional information.

EarthLink offers a free "ScamBlocker" toolbar that you can install on your Internet browser. It alerts you before you visit pages that are on the company's list of known phisher Web sites. EBay, one of the top targets for phishers, has a similar toolbar.

-- Compiled by Brian Krebs, washingtonpost.com

© 2004 TechNews.com