Ask Leo!

Phishing? What's Phishing?


Summary: Phishing is a way that internet scammers trick you into providing your personal and financial details. Phishing opens the door to identity theft, and more.

Phishing is a word you hear a lot in the news these days. This question brought it to mind:

I've received an email from "suspend@msn.net" asking for billing details and threatening the end of my MSN service. Contacting MSN resulted in referral to a support alias, but no answer. Is this a problem, or a forgery?

Well, you're right to be suspicious.

This definitely sounds like a phishing expedition.

Phishing is very much like fishing, except that you're the fish and that threatening email is the bait. If you bite, you run the very real risk of identity theft and all the hassle that entails.

What happens is this: phishers create email that looks VERY much like an official email from some important entity, like eBay, MSN, PayPal, or perhaps a bank. The email asks you to visit some site which, again, looks very official and proper. There you're prompted to enter all your personal information again under the guise of "verification".

The problem is that you've just handed over all your personal information to a thief.

The single biggest clue is simple: legitimate businesses simply shouldn't, and the majority don't, ask you for your private information via email. Ever.

The second clue is the link they're asking you to click on. It may look like it links to eBay, but in fact it goes somewhere else entirely. Here's an example:

http://www.ebay.com/

In most browsers, if you hover the mouse over that link, you'll see that it does not go to eBay (you'll see the real destination either in popup text or in the browser's status line near the bottom of the window). But it looks like it does. If you click on it, you'll be taken somewhere else entirely. The same tricks work in HTML formatted email, which is what most of these phishing attempts use.

Now, in the example above, it's obvious you're not at eBay if you click through. But if the destination site looked like eBay, you could be fooled into thinking it was legitimate.

So if you're tempted at all, hover your mouse over the link, and look before you click:

  • The actual destination should match what you expect. Exactly. If the link claims to be eBay, http://ebay.hacker.com is not where you want to go. Nor is http://www.ebay.cc (note that it's not ".com"). In the original question, "msn.net" as a return address is not the same as "msn.com". That's a big red flag.
  • The actual destination should be a name, not a number. If the link takes you to an address made of numbers, such as http://72.3.133.152, chances are it's not valid.
  • The actual destination should be secure. That means it should begin with https:. If the target destination begins with the regular, unsecured http:, chances are it's not legitimate.
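The checks in the list above, plus the hover comparison of visible link text against the real destination, can be run mechanically over the HTML body of a message. This is an added example, not code from the original article; the names `LinkCollector`, `check_link` and `audit` and the sample markup are constructed for illustration, and accepting subdomains of the expected host is an assumption.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

SAMPLE_HTML = (  # constructed sample: three links as in an HTML email
    '<a href="http://ebay.hacker.com/verify">http://www.ebay.com/</a> '
    '<a href="http://72.3.133.152/login">eBay sign-in</a> '
    '<a href="https://www.ebay.com/">https://www.ebay.com/</a>'
)

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text, expected_host):
    """Return the article's red flags that apply to one link."""
    flags = []
    host = (urlsplit(href).hostname or "").lower()
    # Assumption: subdomains of the expected host (www.ebay.com) are accepted.
    if host != expected_host and not host.endswith("." + expected_host):
        flags.append("destination is not " + expected_host)
    try:
        ipaddress.ip_address(host)
        flags.append("destination is a number, not a name")
    except ValueError:
        pass
    if not href.lower().startswith("https://"):
        flags.append("not https")
    # Compare what the reader sees only when the link text itself is a URL.
    shown = urlsplit(text if "://" in text else "//" + text).hostname or ""
    if "." in shown and " " not in text and shown != host:
        flags.append("visible text shows " + shown)
    return flags

def audit(html, expected_host):
    parser = LinkCollector()
    parser.feed(html)
    return {h: check_link(h, t, expected_host) for h, t in parser.links}
```

Calling `audit(SAMPLE_HTML, "ebay.com")` returns the flags per link. An empty list means only that these checks passed, so the rule of typing the address by hand still applies.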

The single, most important rule regarding these emails is simple: if they provide a link to click on, ignore them. Never click a link in the email itself.

If you must satisfy your curiosity, then type what you know to be the correct URL into your browser by hand, and log in to your account as you normally would. If there's something you need to do or verify, then you'll probably see it then.

And if you're still not sure, then give the institution a call. Trust me, they'd rather have you ask than have to deal with the possibility of identity theft.


Article 1888 | Posted February 5, 2005

Recent Comments

Thank you so much for your VERY informative help.
I know you probably will think I am daft, but as a teacher, albeit not a computer-literate one or a young whiz kid, I am struggling. I have received e-mails from someone supposedly from Zimbabwe, who claims to have suffered under Mugabe, and is asking me to invest money for her as she says she knows I am a Christian and am trustworthy. How the hell did they get my email address? Oh and they are asking for my 'phone number. Please can you help me? I would be so grateful for your help. Are these people for real?
Is this phishing and what are they up to? They won't leave me alone. They are now offering me 25%.
It is no one I teach as they do not have my email.
Lynette Smith.

Posted by: Lynette Smith at December 12, 2005 5:29 PM

Delete those mails and do not respond to any further contact. That's a classic internet scam and should be avoided at all cost.

Posted by: Leo at December 15, 2005 9:46 PM

I keep getting messages saying that my msn address is not verified! How do I fix the problem??

Posted by: lynette at January 18, 2006 6:18 AM

Leo, how did you do that?! I hovered my mouse over that sample ebay link in your Phishing article, just like you said to do, but it was really a Link to Latte for Leo!! Tell us how you did that! BTW, lattes are fattening! Michelle

Posted by: michelle at February 27, 2006 7:23 AM

Leo Guess What!??
I've got too much time, and so found out that
http://www.ebay.cc is a real website.
Er...Well..It was.
Now it's for sale!
As I said, I've got too much free time.

Well,
see-ya later!!!

PS:
Msn.net takes you to Msn.com
ebay.hacker.com takes you to sea.search.msn.com
my typing error of Ebat.cc also takes you to sea.search.msn.com
And http://72.3.133.152 takes you to a custom made 404 does not exist, by Plentic.

Posted by: jereme at August 8, 2006 9:55 PM

Dear Dr. Leo,
The phishing attacked my email address in just the same way as you described. I received an email which seemed to come from Windows Live... and asked me to supply my personal information to update my account, otherwise my account would be closed in a couple of days. To avoid any inconvenience, I updated my personal information. Since yesterday, I have failed to log in to my account. Subsequently, some of my friends informed me that they received an email from my hotmail account claiming that "I" was in trouble in an African country where I have never been and asking them to send "me" some money. Thank you for your informative help. I will never be a fish of "phishing".

Posted by: Lily at December 12, 2007 11:46 PM

When signing in to hotmail tonight, I was asked to verify my account and give my email address and password again. Then I was asked whether or not I agreed to hotmail live's terms of service and privacy policy. I clicked on yes, and got the same screen again. I completed it a second time. Then I could not log into hotmail and was told that my site might not be working at this time or my site might not be a certified windows live site. Your article makes it appear that this web site was actually phishing. Now what do I do?

Posted by: Jacki Richey at January 29, 2008 8:26 PM

I've had my own experiences with phishing, which I have written about on my own site: http://www.geocities.com/terryhollett2003/Phishing.htm

Posted by: Terry Hollett at February 9, 2008 8:14 AM

Hi,
I would just like to say thank you.
I recently have been getting emails from, according to the email, the Royal Bank of Scotland.
The email actually said:

Dear Royal Bank Of Scotland Customer,

Update and verify your information by clicking the link below:
https://www.rbsdigital.com/default.aspx?refererident/upgrade

*Important*

NOTE: FAILURE CAN RESULT TO ACCOUNT SUSPENSION.


P. R. Crush
Security Advisor
The Royal Bank of Scotland © 2008.
I did click on the link but my security on the PC said that the site is a reported phishing website, so I typed what a phishing site was on Google and this is why I'm reading this article.
I didn't have a clue about it.

Posted by: kim at March 4, 2008 6:39 AM
