Seasonal scams: Avoid phishing this Christmas13 December 2005
Christmas may be a time for giving and receiving but IT security experts are warning internet users to be wary of who they give their personal and financial details to during the festive period.
According to security firm MailFrontier, web users are likely to receive as many as one billion spam and phishing emails over the Christmas period, up from 750 million last year. A survey by the firm found that in 25 per cent of cases Brits were unable to differentiate between a legitimate email and a fraudulent one.
What is it?
The term "phishing" quite simply refers to the use of "lures", usually within an email, to bait unwary consumers into handing over sensitive information such as credit card details. Phishers create emails and web attachments imitating the pages and logos of genuine sites and email consumers and businesses requesting confirmation of details. Although many emails go unanswered, phishers rely on the few who will duped into believing the email is from a legitimate source. Research by the Anti-Phishing Working Group revealed that around five per cent of message recipients will play into the phishers' hands.
Self-protection
The best way that internet users can protect themselves for phishing attacks is by being vigilant and questioning emails that require the revelation of sensitive details. If an organisation does not normally send such emails or require the entry of personal information, and banks never do, do not supply it. In addition, phishing emails often contain spelling errors which is an indication that they are not genuine. Often letters have been replaced or words formatted in white to help the emails bypass anti-spam filters - for example a lower case "l" may be replaced with an upper case "I".
Apart from vigilance, a variety of email spam filters are available to help prevent malicious emails even making it to yours and your employees' inboxes. The BT Business Email package offers virus and spam filtering as standard, and products such as McAfee's SpamKiller. Employees should also be informed on how to recognise such emails if they do get through the filters, and most importantly never reply if they are unsure about an emails' origin.
Customer protection
With UK consumers set to spend £5 billion in online shopping this Christmas, it is also important for any business involved in selling online to implement measures to protect their customers. This can be helped through using two-factor authentication, so that log-ins are varied each time a customer uses their account. It is also essential to keep all end-point security measures up-to-date. This includes guarding against spyware, viruses and most importantly Trojans, which can record and replicate the keystrokes used on your company's PCs. For more information on keeping your customers safe and reassured, see our previous feature.
Post a comment
As usual, we would be delighted to hear your comments or questions about this interview or the subject in general. Comments may be published on this or any other BT site.
