Phishing involves fraudulent emails which put on the appearance of a legitimate bank or a credit company in an attempt to steal your PIN or credit card number for illicit use. It tactfully leads you to a counterfeit website from a link in the email, and tricks you into inputting your personal information.
- If you find an email which you do not recognize, the first thing you should do is to use caution. Regulations to protect private information are becoming stricter. It is unnatural for any financial institution to ask you for your account number or PIN casually. If a real bank or credit card company requests you to reply by return mail, do not click the address in the email, but directly telephone the company.
-
If you are in doubt, then check to see if the website address is genuine. Typically, phishing website addresses look very similar to genuine website addresses. The following are some examples of their characteristics:
- Characteristic 1.
If you hover your mouse over the link address (E.g., http://xxx.@.co.jp), the address is shown as numerals in the status bar (E.g., http://123.456.789)
- Characteristic 2.
- The e-mail contains boxes for you to input the account number or PIN, and there are login icons right underneath them.
- "I was taken in by a counterfeit website!"
One day, Ms. A opened her email and saw a message from her bank. When she clicked on one of the addresses in the message, it led to the bank's real website. Trusting the message, she clicked on the line which said, "The account information must be refreshed." Then a window opened which said, "We need to verify your user identification for security. Please input your name, address, telephone number and PIN." This window was a counterfeit website, but Ms. A trusted the message and sent her information without the slightest doubt.
- It first leads to the real website.
- After it has gained the trust of the user, it then leads to a counterfeit site and tricks the user into inputting his or her personal information.
