Millions of people have gotten “urgent” emails asking them to take immediate action to prevent some impending disaster. “Our bank has a new security system. Update your information now or you won't be able to access your account,” or “We couldn't verify your information; click here to update your account.” Sometimes the email claims that something awful will happen to the sender (or a third party), as in “The sum of $30,000,000 is going to go to the Government unless you help me transfer it to your bank account.”
The concept behind such an attack is pretty simple: Someone masquerades as someone else in an effort to fool you into sharing personal or other sensitive information with them. Phishers can masquerade as just about anyone, including banks, email and application providers, online merchants, online payment services, and even governments. And while some of these attacks are crude and easy to spot, many of them are sophisticated and well constructed. That fake email from "your bank" can look very real; the bogus "login page" you're redirected to can seem completely legitimate.
The good news is there are things you can do to steer clear of phishing attacks:
- Be careful about responding to emails that ask you for sensitive information.
- Go to the site yourself, rather than clicking on links in suspicious emails.
- If you're on a site that's asking you to enter sensitive information, check for signs of anything suspicious.
- Be wary of the "fabulous offers" and "fantastic prizes" that you'll sometimes come across on the web.
- Use a browser that has a phishing filter. The latest versions of most browsers -- including Firefox, Internet Explorer, and Opera -- include phishing filters that can help you spot potential phishing attacks.
Source:→ Google Blog
Internet, Web Security, Security, Spamming, Phishing, Tips