Phishing occurs when scam sites disguised as legitimate sites attempt to gain private information from users through an electronic medium. This article will identify various phishing scams and different ways these scams can be implemented.
- Bank and IRS: These types of phishing scams usually occur through email. The user will receive an email from what seems like a valid bank or, in some cases, the IRS. The email will ask for private information such as account usernames, passwords, Social Security numbers or security answers.
- Social networking: Phishing is used on sites such as Facebook and MySpace to gather personal data from users. Invalid Facebook applications or MySpace sites can steal user information without the user’s knowledge or approval. This genre of phishing is relatively new, but it is one of the most common and successful.
- Fake links: Phishing utilizes link manipulation to mislead the victim. The scammer will change an authentic URL into one that is slightly different, but unrecognizably so. Phishers can also create subdomains and deceptive links that purport to take you to one destination and take you elsewhere.
- Fake websites: Phishers have been able to entirely recreate real websites to obtain usernames and passwords of users who think they are visiting a reliable site. Phishers can also alter the address bar at the top of the browser to read as legitimate sites when the opposite is true.
- Fake phone numbers: Another phishing technique will be to send an email that includes a phone number to call to redeem or claim something official-sounding. The phone number will be a fake, and a system will guide you to enter confidential information over the phone.