Taking the bait
April 12, 2007
In every e-mail pond there’s a phisher, and with every scam sent out, at least one person will get hooked.
As technology grows, so does the amount of scams that come through e-mail.
Some scammers try to trick people into giving up personal information; this particular breed is referred to as a phisher.
David Gunkel, associate professor of communication, said phishers send e-mail from what normally looks like legitimate sources.
“Phishing is related to spamming,” Gunkel said. “They’re casting a very wide net and can pull in one or two naive users. Phishing has an added component to comply with information.”
Phishers pretend to be familiar sources when gathering information. While it may look like your bank is contacting you about illegal activity, it can very possibly be a phisher.
“99.9 percent of the time, if someone is asking for private information, credit card numbers, social security numbers, bank account information, any of this stuff via e-mail, it’s illegitimate,” Gunkel said. “The easiest thing [users] can do is not provide it.”
Phishers sometimes use other means to obtain information from victims.
“If they want information, they’ll call you,” Gunkel said. “If you’re not quite sure, call them to check if it’s legitimate.”
While some e-mail users catch the scam and delete the e-mails immediately, some may fall victim to identity theft.
The best way to prevent getting hooked is to ignore the e-mail.
“Never hit reply and [say] leave me alone. As soon as you do, you tell the phisher that it’s a valid e-mail address,” Gunkel said. “The phishers are working with lists of e-mail addresses that can be years old. As soon as you reply negatively or positively, you validate it’s an active account.”
Phishers are almost never traceable because their location is constantly changing. Some Web browsers, however, can track the origin to a central database.
“Some browsers are set up so that when you’re getting the page, they’ll do a cross-reference to see if it’s an origin site of Web-phishing or scams,” said James Fatz, director of IT Security and Operations. “Spam and phishing source locations change a lot so that they, number one, can’t be caught by authorities and number two, change so that any software product cannot keep up with blocking them as a phishing site or a scam site.”
Fatz said the darker side to phishing is linked to organized crime.
“It’s organized crime, and it’s easier to make money than prostitution, and selling drugs,” Fatz said. “It’s more profitable, it generates millions and millions of dollars. People literally lose their life savings, all of a sudden overnight, it’s gone.”