What is phishing?  No, it’s not a typo, and it’s not a word to describe jamming out on your guitar for hours.  Phishing is a type of deception used by criminals to fraudulently gain information, most often in the form of passwords or login information.  Phishing can also lead to malicious programs infecting your computer.  Phishing attacks typically come in the form of messages or links that are presented to be something that they are not.  These can be anything from a malicious link sent to you via email, to a dummy website that mimics a legitimate site to trick you into keying in your login details.

You can think of phishing just like fishing, except instead of fish, the target are peoples computers.  The phisherman (so to speak) casts out many lines, in the form of spam emails, instant messages, or through the private messaging or comments functions found on social networking sites in an attempt to hook unwitting victims, steal their information and gain access to their accounts.  The bait on the end of these lines is usually in the form of something too good to be true and is often from people you do not know.  The more sophisticated phishing scams out there will send semi-personal messages to all of the contacts on the contact lists of their victims.

Be careful though, if one of your friends takes the bait, you may soon be receiving a message from them containing a phishing link.  Often times the perpetrators of these phishing scams will utilize the accounts they have compromised to spread the malicious links or files.  The most dangerous of phishing attacks will be those sent to you from people you know, or otherwise trusted sources that have been compromised.  The real danger of these phishing scams is that one false click and you may have put your private information into the hands of a criminal.

So let’s have a look at how to avoid phishing scams on the Internet:

There are software tools available that you can use to protect you from phishing attacks, but in all honesty, your best protection is common sense.  Do not open emails or click on links given to you by unknown or untrusted sources.  Even if you do trust the source, read the message before clicking on any links or downloading any files.  If you are suspicious, the best way to be sure is to fact check through a medium other than the computer.  If a friend sends you a link or file out of the blue and there is either no accompanying message or a message that does not sound like the person you are receiving the message from, it is best to err on the side of safety.  Call your friend on the phone and ask if they had sent you anything recently, if your friend says no, you may want to tell them there is a good chance their account information has been stolen.

Things to look out for:

– Messages containing just a link or file download
– Generic messages or messages that contain no personal data, such as your name
– Check the spelling of the URL in the links you receive, as well as the websites you visit.
– Be vigilant.  Do not assume all messages are legitimate, a friend’s account could have been compromised.

If you believe your account information has fallen into the wrong hands, change your passwords immediately.  Most websites will have options to change or reset your password if it has been lost or compromised.  If you believe your email account has been phished, it is a good idea to tell your friends to immediately delete any messages they receive from the compromised account until you can reclaim it.