There are several myths and misconceptions that abound when it comes to Phishing. These are the top 5 most common ones:
Anti-spam software can detect phishing email…
While anti-phishing and spam filters can decrease the number of phishing emails that get into your inbox, they are not 100% effective. Whenever anti-phishing technology keeps improving, the phishers are always devising ways to get around them. It truly is a cat-and-mouse game.
Secondly, because spam email and phishing email are different (phishing email spoofs a legitimate business), a different set of rules and criteria are required to detect the phisher.
As long as I don’t give my password and user-name, I won’t be Phished…
Phisher’s are getting increasingly sophisticated. They now employ several variations on the original spoofed email that once requested your password and user-name.
They will, for example, instruct you to click on a link so as to update your information at a website. If you do click on the link, malware such as a key logger or spyware will be downloaded to your computer. The link may take you to a spoofed website, but it may also link you to the actual website of the legitimate business. Once there, a pop-up or overlay is activated, directing you to log in. You will probably be unaware that your access information has been compromised.
Most Phishing attacks originate from outside…
With all the time and effort that has been poured into the Nigerian 419 spam scams, it is commonly assumed that phishing originates from emerging countries outside America. However, a study by Symantec shows that the majority of phishing attacks actually originate within the U.S.
Phishing is a problem that we can solve by educating users…
This is not true. There are various ways the phisher can camouflage an IP address. In fact, a large proportion of phishing attacks are enabled through common misconfiguration in a web application. Phishers can manipulate internet technology to redirect you from a real and legitimate website, in such a way that although the original web address points to this real website you are taken to the phisher’s website.
As the incidents of phishing and identity theft have increased, people have become more aware, and better able to identify phishing emails. The percentage of phishing victims has gone down. However, even though users are getting better educated and informed about phishing, there is always still a chance that someone will mistake a well-crafted phishing email for the real thing.
I will know one when I see one…
This is another misconception regarding phishing, and a potentially dangerous one at that, especially in our digital world. With all the time, talent and technology available to them, these cyber crooks have more than ample resources to create and execute increasingly realistic email spam, web site spoofs or other electronic means by which to scam you out of your confidential financial data and wreak havoc on your financial affairs.
wumber and vigilance are, in fact, your number one protection against the phisher’s hook. Underestimating the phishers may cost you.
wumber anti-spam prevents spam in the first instance and as phishing is usually the result of spam this has the first part of the equation covered. To further protect you online wumber uses unique anti-phishing technology called INFRAMAPPING which simply prevents you from entering your real security details like login and password into fake websites. Inframapping fingerprints the underlying infrastructure of a website to determine if this is a site you have been to before and reacts accordingly.
wumber is free to join and it’s free for everyone to use, so join today and leave the spam behind.