1. Introduction
Many criminals are currently focusing on retrieving private data; they do this by using deceptive techniques to carry out electronic fraud. [1] This is also called phishing. The Cambridge Dictionaries Online defines phishing as: an attempt to trick someone into giving information over the internet or by email that would allow someone else to take money from them , for example by taking money out of their bank account. [2]
The ubiquity of the internet technology made phishing an easy crime to perform. Setting up a fake website does not require a lot of money and effort and existing technology allows phishers to make a real website with minimal costs and little time. Because most institutes are continuously working on increasing their online presence the economic value that phishers can obtain by compromising account information from online customers increased dramatically.
Despite the fact that phishing is easy to prevent there are still many people who become a victim of a phishing attack. Developing measures against phishing is a challenging problem because victims help criminals in giving away their data. Besides that users generally have a lack of attention to security. The phenomenon of phishing may be unknown. Users do not see privacy and security as their primary task. In general it is expected that organizations take this responsibility. This is a false assumption. All banks indicate that phishing protection is a shared responsibility of banks and customer.
As stated above phishing is an increasing and underestimated problem. Therefore, it is important to know what phishing looks like and what one can do against phishing. This article maps out who individuals can recognize phishing.
2. How to recognize phishing?
Victims of phishing are often approached by email. Such an email appears to come from a trusted authority, such as a credit card company or a bank. The email generally has a professional look; neatly drawn up, correct language usage and a logo from the authority at the top. On top of that the emails are usually drawn up very compelling or even imminent. For example, it indicates someone has to log in within a short period of time, as otherwise the data expires. Banks never ask someone to log on to a site.
Phishing happens not only by email but also by phone. Internet criminals call people to retrieve PINs and login codes. These criminals can impersonate a bank employee on the phone who wants to check someone’s data, for example because there are problems with an account. Again, a bank will never query security codes over the phone or email.
3. Conclusion
With an increase in phishing attacks, it is essential that internet users learn how to recognize phishing. It can be concluded phishing emails can be recognized by:
- asking for security codes and / or personal information;
- threatening with consequences if someone does not respond to an email immediately and
- asking to click on a link to a foreign website.
Besides that it can be concluded that a bank will never ask for security codes at unexpected times or places, so never by email and never by telephone. Emails that raise doubt should be removed immediately and suspicious phone calls should be terminated.