Saturday, June 21, 2008

Phishing: Examples and its prevention methods.

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.

According to Financial Stability and Payment Systems Report 2007, phishing remained the most common method employed to conduct Internet banking fraud.

Phishing is typically carried out by e-mail or instant messaging and it often directs users to enter details at a website. It is an example of social engineering techniques used to fool users.

An example of phishing would be the FAKE Maybank2u e-mail.

Following are 3 samples of FAKE M2U e-mail:

SAMPLE 1:

SAMPLE 2:


SAMPLE 3:


For the unsuspecting users, nothing is wrong with the-email, but actualy they are phishing e-mail that intend to "phish' your personal Maybank2u.com ID and banking information. The real Maybank2u.com's URL is http://www.maybank2u.com.my/ and you should be suspicious of any e-mail that informs you otherwise.


Please be reminded that Maybank will NEVER send out e-mail or SMS requesting customers to provide

personal banking ID or PIN or credit card information.


Here are the FAKE M2U e-mail links provided by Maybank2u.com.

Sample of FAKE website:



HOW TO PREVENT YOURSELF FROM BEING PHISHED?

Here are some useful prevention methods:


  • We are advised NOT to log on to any website links contained in e-mail. If you login and provide your personal information to the phishing websites, you may soon discover that you are the victim of a financial scam and faced with loss of your hard-earned savings.

  • If you suspect that you have been tricked into giving your ID and Password at a FAKE website, you are advised to call your bank or change your password immediately or by directly logging in through www.maybank2u.com.my. They can reset your password and protect your account. Other than that, you should also report the phishing website or e-mail to Maybank2U.com.

  • If you want to go to your bank’s website, always select from your bookmark or type in your bank’s address manually. If you don’t know the bank’s address, check it out from the bank brochures. Bisides that, you can also easily search it from google or Yahoo! (but make sure you find the correct bank's website and not a phishing site).

  • If the email states that your bank account is being terminated unless you click on the link. Plese don't be panic and simply click on the link. They are trying to play with your emotion and force you to click on the link. What you need to do is just call up your bank for confirmation.


Links :

The Star : Beware bank queries scam
Consumer Advice:
How to Avoid Phishing Scams
Maybank2U :
www.maybank2u.com.my
All about phishing

~By Siew Ying~

2 comments:

Unknown said...

Thank for the inforamtion. It's very useful. Nice graphics with good illustrations. Very well done.

Keep up and keep going!

:)

Trance Boundaries said...

My dear friend, thanks for dropping the comment!

I hope the info provided can help you and other readers to prevent from being phished. This is especially important for those who are currently using online banking. This is because our hard-earned money might just gone if we are being phished by someone else.