Phishing for Banks

Banks are the most vulnerable to internet security threats, according to the IBM Internet Security Systems X-Force 2007 Trend Statistics Survey published last month.

Cyberthieves go “phishing” by creating a bogus bank (or other company) website. The most common ways a customer becomes their catch is:
  • The customer mistypes the bank’s web address and is taken to a bogus website that appears to be the real site. (Watch what you’re typing in. Carefully examine the site when it comes up. Does it look right? Most importantly, does the web address at the top begin with “https” and have a lock icon following the URL address. Many financial sites will say “identified by VeriSign” after the lock icon as well.)
  • The customer has a Trojan (malicious software) imbedded without their knowledge on their computer. When the customer types the bank’s web address or clicks it on their bookmarked list, they are redirected to the bogus site. (If this ever happens, write down the URL information and immediately contact the bank.)
  • The customer receives a bogus email that pretends to be from the bank, requesting the customer’s personal information. (Do not respond to the email or open any attachments. Contact your bank immediately.)

The timing of this CNN story on bank phishing couldn’t be better. Today the Moon is in Taurus, a sign that rules banks and financial matters. The Moon is in its First Quarter phase, squaring the Sun in Aquarius. Aquarius rules computers and the internet. With Mercury retrograde in Aquarius, the CNN story suggests “it might be worth it to go retro and compare your online banking information with the paper record.” The article serves as a good reminder to always verify that a website is secure before entering any personal information.

No comments: