15 October 2008

Symantec Phishing Info





Another contribution I’ve got from Symantec specialist who is Vice President of Consumer Business for Asia Pacific and Japan, David Freer. Hopefully it could help us to prevent our online banking

1. How is identity theft stolen online (e.g. phishing, etc)?

Identities can be stolen in both the online and offline world. The most common form of identity theft is online fraud. Online fraud is a common type of cybercrime that uses email, web sites, chat rooms or message boards. There are many different types of online fraud, including phishing and pharming scams, which use forged e-mails and Web sites to trick recipients into giving out personal information such as credit card data, social security numbers and passwords.

Phishing is a term used for fraudulent Internet "scams" that set out to deceive users into providing personal information that ends up in many cases, being used for identity theft.

In a common scenario, phishers will send mass emails. The emails appear to come from a legitimate company, and often try to evoke an emotional response to a phony crisis. Usually a request for sensitive information is made, sometimes directing the recipient to a spoofed Web page. The Web page, like the email, appears authentic, and in some instances its URL has been masked so the Web address even looks real. Because the email and its corresponding Web page seem bona fide, the phishers hope at least a fraction of recipients are fooled into submitting their data.
Phishers are also beginning to use viruses to do their dirty work. These viruses monitor your Internet activities, and will spring into action when you visit a particular site, either diverting you to an impostor site or capturing your keystrokes. Without virus protection you may have no idea malicious code resides your hard drive.

2. What type of financial documents can be forged with a false identity online (e.g banking fund transfers)?

Online banking is becoming increasingly common, and many of us use financial management software programs to handle our accounting and taxes. If hackers gain access to our computers, they can steal this information.
In addition, any document which requires personal and financial information such as your name, address, IC number, birth date, back account and/or credit card details or other identifying data are not spared from identity thieves. They can open new credit lines, access your back accounts or even apply for official documents like a driver’s license or passport – all in your name.

3. How do consumers know if they have been a victim of fraud? What can they do?

Consumers would be able to suspect if they are a fraud victim if they are denied credit for no apparent reason, or start receiving odd things in the mail such as credit cards they did not apply for. Failing to receive bills or other mails could mean an identity thief has taken over their account and changed their billing address. Lastly, being contacted by vendors regarding accounts they are unaware of, or even worse, by debt collectors for purchases someone else made, are also clear signs of identity theft problems.
If someone has stolen your identity, an immediate response is crucial in minimising damage. The following steps should be taken immediately to avoid further exploitation of the stolen identity:
 Immediately close financial accounts that may be compromised.
 Open new, password-protected accounts, but don't use obvious passwords like your birth date or street address.
 Cancel your driver's license or other IDs you've lost.
 If it becomes evident someone has been using your identity, report it to the police.

4. How can consumers prevent identity theft/ fraud online? Any tips?

Identity theft is serious business; in fact, it’s a federal crime. Results of the Federal Trade Commission’s 2006 Identity Theft Survey estimate that consumers lost over $1.1 billion dollars in 2006 due to identity theft. To avoid being a victim of this type of fraud, you need to protect your personal information online. It can take months, even years, to repair the damage if your name and credit are compromised by a thief. Some people have even been arrested for crimes they didn't commit.
Fortunately, there are steps you can take to protect your personal information and identity. And should you become a victim, there are also ways to minimize the consequences and prevent further damage. It has become more important than ever to take measures to protect one’s identity – both online and off – and to learn what to do should you become a victim.
Offline measures
 Unless you're absolutely certain who you're talking to, don't give your IC number or other personal information over the phone or via text messages
 Use a shredder to destroy sensitive correspondence
 Lock your most sensitive documents in a safe, file cabinet, or safe deposit box
 Send mail at the post office or from a post box
 When you go out of town, ask the post office to hold your mail
 Pick up blank checks at your bank or have them sent to the post office rather than your front door
 Order a credit report and regularly check for unusual activity. If you see anything strange or unexpected, follow up on it immediately


Online measures
 Unless you're absolutely certain a site is legitimate and secure, don't provide your IC number over the Web; never send it in an email or instant message
 Always use secure Web sites when sending information or transacting business online
 Install a good firewall protection, antivirus software, and antispam filter. Or get them all with Norton 360 or Norton Internet Security. A program with antivirus & antispyware capabilities can detect and often remove crimeware threats that would otherwise remain hidden on your machine. If the threat can be detected but not removed, consult Symantec's free removal tool listing in order to see if the crimeware can be removed using a separately downloaded utility.
 Store sensitive financial and personal information in password-protected files and directories; use strong, non-obvious passwords
 Learn to spot fraudulent emails, Web sites, and other red flags associated with phishing scams
 Don't open email attachments from persons you don't know and trust

Identity theft is a serious crime with serious consequences, and it affects several million households each year. Remember, no one can protect you from identity theft but you. You have to take responsibility for yourself and for protecting your identity, and it is never too early to learn – hopefully not the hard way.

3 comments:

geovani said...

Phishing is essentially an online con game, and phishers are nothing more than tech-savvy con artists and identity thieves. They use spam, fake Web sites, crimeware and other techniques to trick people into divulging sensitive information, such as bank and credit card account details. Once they’ve captured enough victims’ information, they either use the stolen goods themselves to defraud the victims (e.g., by opening up new accounts using the victim’s name or draining the victim’s bank accounts) or they sell it on the black market for a profit.
-------------------
geovani

Viral Marketing

Anonymous said...

yes...what u've said is totally true. Unfortunately it still haunting people whose using computer everyday. So sad... do you have solutions for this?

Anonymous said...

i agreed