Friday, 24 July 2009

How I Got Phished

I recently posted a request for an item I wanted on the ‘Want it now’ section on eBay. The next day, I received a reply to my request in my eBay account, and then promptly clicked on a link from the sender which was to re-direct to their website. Suddenly, a message appeared on my screen from eBay alerting me that this was a scam, and I had been “phished”. I had almost unwittingly handed over my eBay login details to a scam artist! Does this sound like a familiar story?

Phishing (pronounced “fishing”) is the act of sending an email that falsely claims to come from an established, legitimate business. The goal is to deceive the potential victim into giving up their private information so that the sender can steal their identity. Many ‘phishers’, who are professional criminals, have become very adept at creating emails that look authentic. For example, in spoof messages the "From" field of the e-mail may show the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when it actually leads to a fake site created to imitate the legitimate one.


Some tips to prevent your personal information from being stolen:

  • Review all emails requesting personal information carefully - Remember that the "From Field" can be easily changed by the sender. While it may look like it’s coming from a .com you do business with, looks can be deceiving. Keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails.

  • Check before clicking - Scammers like to include a clickable link that the recipient can follow to ‘update’ their information. An easy way to find out if the link is genuine is to point at the link with your mouse, paying particular attention to the bottom left-hand corner of your screen. The actual website address to which you are being directed will show up there for you to view.

  • If in doubt, trash it - If for any reason you’re suspicious of the authenticity of the e-mail, delete it immediately and empty the trash box in your e-mail accounts as well.

As many banks and other well-known companies such as PayPal have stated in their warnings to customers, they will never ask you under any circumstances to divulge your personal or financial information in an e-mail. If you’re worried that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the real website.

