Phishing became a buzzword of 2005 and the technique of phishing is likely to increase massively into 2006 and the future as the internet becomes more widespread.

But what exactly is phishing? In a sentence it is the act of tricking / conning a user in to providing confidential information that can be used to defraud.The term Phishing (pronounced fish’ing) has come about from the word to “fish” for information and since hackers have a tendency to replace “f” with “ph” the term came about.

Originally phishing began around 1996 and was aimed at AOL internet accounts as hackers attempted to gain user passwords. However over the years the scams have become more and more sophisticated with phishing being used to try and gain sensitive account information for your online banking and credit card accounts.

This is usually done by the scammer sending you an email made to look like it is from an official body or company such as your bank or credit card issuer. The email will have all the hallmarks of being genuine possibly including logos, images and text taken from the actual banks website. Others may attempt to confuse you with wording like “your mortgage application has not yet completed we need more information”.

Below is an example image of a Barclays Bank phishing email.

Click to enlarge

If you study the email closely it does look very genuine, especially to actual Barclays online customers. Even though the URL shown in the email looks genuine this is very easy to spoof and when clicked will actually go to a different website. This website will be made to look like the Barclays online login and when you enter your details will actually log you in to your Barclays account so you do not realise what has happened. However in the meantime the scammer has recorded your login details and can now access your online account.

Because of phishing scams such as these you should always be wary of email you receive that requests any kind of personal information at all, especially confidential information such as your online banking details.

A few simple steps you should take to help ensure you do not fall victim are:

• Your bank will never ask you for your login information by email.
• Never click on a link within an email - instead go to the website you normally visit and log in this way.
• Never reply to the email.
• If in doubt ring the relevant companies customer help line for assistance.
• If the email is asking you to confirm something you do not remember doing, such as a mortgage application, treat it with extra suspicion.

Customers using mail services provided by AGUK have some degree of protection against these threats as we use sophisticated scanning and validation of emails we receive to reject such emails however it is still possible that some emails can get through.

If you want further advice for you or your business on protecting yourself from such scams then please contact us for information.