August 18, 2008

Fraudulent and deceptive emails have long been a danger to those who receive email, so I thought I'd answer the inevitable question: what is phishing?

Essentially, phishing is an attempt to trick a consumer into divulging information, usually by clicking on a link in the email and going to a website to "validate" his or her information — such as account login information (passwords), credit card information, Social Security number, birth date, etc. As you can see, this information would allow the unscrupulous to log into your account (such as Paypal or your bank), or to steal your identity and "divest" you of funds. If you've had an email account for very long at all, you've probably seen at least one of these.

One of the tricks phishers use is to get you to click on a link in the email — and although the link takes you to the phisher's website, the link itself is often disguised to look like it goes to the website of a legitimate company. But first:

What's a URL?

Bear with me on this; it will help you to understand what's coming.

A URL (Uniform Resource Locator) is just another name for a link … something you can click at a website or in an email which will take you to another web page or website entirely. The URL for this website is http://dianev.com, which consists of the http part plus the domain name:


Note that the visible part of the link doesn't have to say "http://dianev.com"; that is, the underlined text that you usually see in a link can say something else entirely. For instance, I could link to the home page of this blog like this: DianeV's blog (which is certainly a lot more intelligible than "http whatever"). Or even "microsoft.com".

Now, the URL for the home page of this blog is:


That is, the domain name here is "dianev.com" and the /blog/ part indicates a folder or directory at the dianev.com website. But, with a little setup, I could change that to:

http://blog.dianev.com <== that's blog DOT dianev DOT com

Many websites use this syntax, placing the name of a section of the site in front of the domain name. But phishers use the same syntax to disguise links in emails that actually go to the phisher's website:

[Image: Anatomy of a URL]

The phisher's website looks like … the target website

That's right. If you were to click on a phishing link that said "PayPal", you'd end up at a website that looks just like … Paypal, logos and all. Only it isn't — it's the phisher's website. And what you type there will be recorded for the phisher's use. That's the danger in all this.

What can you do with this information?


  1. If you're not using some sort of spam filter for your email, I'd highly recommend it.
  2. If you do get a suspicious email, hover your mouse over the link without clicking it. Somewhere, your email program should display the full URL (starting with the http part). Check whether it really goes to the website it claims to lead to.
  3. Remember that companies like Paypal, Ebay, banks and the like may send an email to request that you perform some action or other, but they do not request that you click a link in the email.
  4. If you need to visit their websites and you know their website address (URL), here's a little tip: you don't need to click on a link, or go to a search engine to search for something to get a link to click. You can type right into the Address bar of your browser (Internet Explorer, Firefox, Safari, Opera, etc.):

[Image: Browser Address Bar]
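As an added example (not code from this post or its author), the script below does in code what step 2 above asks you to do by hand, and it applies the URL anatomy explained earlier: it takes a link's visible text and the address the link really goes to, works out which domain actually owns the destination (the last two labels, so blog.dianev.com belongs to dianev.com no matter what is written in front of it), and flags the link when the text names a different website or when the destination is a bare IP address. The sample links, the example.com names and the .test domain are constructed for the demonstration; the two-label rule is a simplification (real checkers consult the Public Suffix List so that names like co.uk are handled).

```python
"""Compare what a link says with where it really goes.

Added example for this post, not the author's code. Mirrors the
"hover over the link and read the real URL" check, including the
trick of putting a familiar name in front of the phisher's own domain.
"""
import ipaddress
import re
from typing import Optional
from urllib.parse import urlparse

# Something that looks like a host name inside visible link text,
# e.g. "example.com" or "www.example.com" (assumption: plain ASCII labels).
HOSTLIKE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.IGNORECASE)

# Constructed sample links: (visible text, actual destination).
SAMPLE_LINKS = [
    ("http://dianev.com", "http://dianev.com"),
    ("DianeV's blog", "http://blog.dianev.com/"),
    ("http://www.example.com/account", "http://www.example.com.phish.test/login"),
    ("Log in at example.com", "http://192.0.2.10/login/"),
]


def is_ip(host: str) -> bool:
    """True when the host is a literal IP address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def host_of(url: str) -> str:
    """Host part of a URL, tolerating a missing http:// prefix."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def registered_domain(host: str) -> str:
    """The part of a host name that identifies its owner.

    For blog.dianev.com this is dianev.com: only the LAST two labels
    count. Simplification: a real checker would use the Public Suffix
    List. An IP address is returned unchanged.
    """
    if is_ip(host):
        return host
    labels = host.rstrip(".").split(".")
    return ".".join(labels[-2:])


def claimed_host(visible_text: str) -> Optional[str]:
    """Host the link text claims to lead to, or None if it names none."""
    match = HOSTLIKE.search(visible_text)
    return match.group(1).lower() if match else None


def check_link(visible_text: str, href: str) -> dict:
    """Return a verdict dict: actual host/domain, claimed host, reasons."""
    actual = host_of(href)
    actual_domain = registered_domain(actual)
    claimed = claimed_host(visible_text)
    reasons = []
    if claimed is not None and registered_domain(claimed) != actual_domain:
        reasons.append(f"text names {claimed} but link goes to {actual_domain}")
        if actual.startswith(claimed + "."):
            reasons.append("familiar name placed in front of the real domain")
    if is_ip(actual):
        reasons.append("link goes to a bare IP address, not a named website")
    return {
        "visible": visible_text,
        "actual_host": actual,
        "actual_domain": actual_domain,
        "claimed": claimed,
        "suspicious": bool(reasons),
        "reasons": reasons,
    }


if __name__ == "__main__":
    for text, href in SAMPLE_LINKS:
        verdict = check_link(text, href)
        flag = "SUSPICIOUS" if verdict["suspicious"] else "ok"
        print(f"{flag:10} {text!r} -> {verdict['actual_domain']}")
        for reason in verdict["reasons"]:
            print(f"           - {reason}")
```

Run it and the first two links pass (the second names no website at all, so the script can only tell you where it goes), while the third is flagged because www.example.com has been placed in front of phish.test, and the fourth because the text names example.com but the address is a bare IP.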

Alright. I hope that's of use to you. Here's a link to Microsoft's explanation of phishing scams:

