In a phishing attack,
- e-mail messages are often disguised to look like customer service messages from recognized companies.
- a website for entry of the data requested may look like that of a financial institution.
- the website is actually fraudulent, and any data entered there will end up in a criminal's hands.
The request for information is often explained by a need to update or otherwise verify identifying information. Credit card companies or banks, however, never send messages like these to their customers, nor do they ask for confidential data such as online banking passwords, card numbers, PIN codes or account numbers over the phone or via e-mail.
In pharming, a swindler tries to get information without leaving a trace
Many people are already aware of phishing scams, so swindlers have started to use a more effective method, called pharming, to obtain information.
In pharming scams, a consumer is led to a fraudulent website automatically and believes it to be a genuine one. The bogus website may ask for user ID information to be entered for logging in to the site, fixing an account problem or answering a survey. A hacker can benefit from the information entered by accessing the user's bank accounts or by other means.
- Keep your firewall and virus software up-to-date.
- Only provide information about yourself that is necessary for the business at hand.
- Try to verify the authenticity of websites you use, taking into account that a swindler can change addresses and links so that they appear genuine.
- Do not respond to questionnaires accessed through a pop-up window or e-mail that ask for your personal details or bank account/credit card information. Do not click on links in them, either.
- Remember that reputable companies do not ask for passwords, credit card numbers or other confidential information via e-mail. If a message is troubling you, you can always check with your bank about whether they sent the questionnaire you have received.
- Don't trust the contents of the "From" field indicating the sender of an e-mail. It can easily be forged to appear in a form such as "firstname.lastname@example.org".
- Also remind your children not to pass along personal information on the Internet.
Inform your own bank or credit card company about scams that try to obtain bank account or credit card information. Credit card companies and banks have service numbers you can call to deactivate PIN codes and prevent unauthorized use.
If you suspect you have been victimized by a pharming operation, report it to the host of a website at which online services have been misused.
You can notify the Office of the Data Protection Ombudsman of the misuse of personal information or other data protection infringements.
Data Protection Ombudsman
If you believe you have been the victim of a crime, you can contact the local police.