Your bank, which urgently needs your personal password, because of an glaring vulnerability in their system, to resolve the problem? Ebay, who has through a server error, however, “lost” your password and needs a new one?

 

If you know this kind of e-mails from your inbox, you have also become a victim of a so-called “phishing attack”.

 

When recently dubious Web site operators wanted to lure us to their homepages with many spam e-mails, we were still mildly amused at their methods. The problem was qickly solved with current spam filters, which are integrated in all popular e-mail programs.

 

 

But the espionage threat on your computer is still not over!
There has long been a “plague” in the virtual World – the “fishing” for personal data and passwords, known as “phishing”.

 

With serious-looking e-mails, supposedly from trusted senders such as banks or Ebay, imposters are trying to get passwords from their phishing victims. Often the phishing e-mails are so cleverly faked, that the fake ones can not be distinguished from the original e-mails. The phishing attackers assume that actually one recipient of their massively sent e-mails, is a customer at one of these companies. If the user really displays his user data (name, password, PIN, etc.) the fraudsters catch these data ( “fish”) and are now able to access user accounts. According to the protection organization Anti-Phishing Group (www.antiphishing.com) the number of such attacks has risen sharply since 2004.

 

While there are additional spam filters to those already known, even now anti-phishing programs or functions used in the best-known e-mail programs like Outlook or Thunderbird, don´t provide a perfect protection against such phishing attacks.

 

The best protection is first and foremost the attention and distrust of the user! It is the basic golden rule: You should always be suspicious when you receive e-mails from your bank, your phone provider or other companies which ask for personal data.
Never visit a website, where passwords and user data must be entered, via a hyperlink you received in an e-mail. Enter the Web address manually in your browser.

 

A definit evidence for secure and original websites is the https before the domain name. The extra s indicates a secure connection via SSL encryption of the page, which requires a special encryption certificate.

 

 

Meanwhile, there are reliable plug-ins for popular browsers, which compare the websites with an online database, where already known phishing pages are listed and the user will be warned when phishing contents are detected. Such plug-in providers are for example McAfee SiteAdvisor or Netcraft.

 

If you fear you´ve been the victim of a phishing attack, immediately contact your bank, your business partner or the police.

 

 

Protection against phishing attacks:

In order to prevent users from phishing attacks, we summarize the most important safeguards here for you:

 

* Suspiciousness against e-mails which ask for your personal data is the best safeguard against phishing-attackers. Banks or other reputable companies will never call on their clients via e-mail to enter their confidential information!

 

* With installation of anti-phishing programs or browser plug-ins your software is prepaired to shield you as much as possible against phishing attacks. Never follow any hyperlinks to websites mentioned in e-mails, which need entering of passwords or user data.

 

* Never follow any hyperlinks to websites mentioned in e-mails, which need entering of passwords or user data.

 

* Always look for the encryption SSL (https), which is used in a protected area and indicates a secure website.

 

* Enter the Web address of your bank or other providers which possess your personal data (such as Ebay, Amazon etc), directly into the browser address bar.

 

* In case of doubt contact your bank, your business partner or the police!