Phishing scams are on the rise and many Web sites hide features designed to steal information from users. Users have the possibility to protect themselves by learning safe browsing habits but can also find help in a variety of anti-phishing plugins available to them.
What is Phishing
Phishing is a malicious attempt to steal somebody's personal information to include name, credit card number, home address and phone numbers. Attacks are normally carried with e-mails and through web sites that look legitimate but actually are simple look-alike versions engineered to record information inputted by users who believe they are actually dealing with real sites.
Advise: Don't be fooled and take the bite from a potential phisher who is out looking for a victim.
What to look for: any upsetting or exciting (but false) statements in emails or slightly different or confusing URL sites.
A phishers motive is: to get people like you to react immediately.
List of Anti-phising Plugins
Users may not always be able to spot a phishing site. For this reason, anti-phishing plugins are available to help them stay safe while browsing the web. Plug-ins can easily be installed/downloaded into the users' browsers. Once active, this plug-ins can warn web surfers who have accidentally landed on a malicious site and risk the compromising of personal information.
Here are 5 top anti-phishing plugins...
Netcraft Toolbar - offers protection from phishing attacks. It works on Windows, Mac or Linux.
TrustWatch Toolbar 2.0.3 - has a toolbar for Internet Explorer users as well as has a TrustWatch Search extension for Firefox users.
- ScamBlocker - is an Earthlink Toolbar feature for Internet Explorer and Firefox that helps protect users from the latest phishing threats. Internet users can download ScamBlocker for FREE.
PhishNet 1.2 - protects users from Web phishing scams. It is Free to try (30-day trial). OS requirements: Windows 95/98/2000/XP/NT.
SpoofStick - helps users detect spoofed (fake) websites. Available for both Internet Explorer and Firefox users.
Computer users can stay safe while browsing the Internet with...
- McAfee SiteAdvisor - FREE PLUG-IN. When downloaded, users will see a new button on the browser interface (that resembles the image to the right). Security threats are revealed by a three-color alarm system: a green icon means the site is safe, a yellow one means the site is low risk and the red one means the site is high risk (which identifies a potential phishing site). This color-coded rating system lets users know whether the site they are browsing is threat-free or not. Supports multiple browsers--works for both Internet Explorer and Mozilla Firefox. Latest version: 18.104.22.168. OS Requirements: Runs on WinXP/Vista/7. Note: The plugin is also enterprise-ready (SiteAdvisor Enterprise), which is great for organizational users to be safe from online exploits too.
Google Safe Browsing is used as an extension to Firefox. Its safebrowsing plugin will check URLs against Google's constantly-updated lists of suspected phishing pages to protect users from every risky site on the Web as it will alert when a Web page tries asking for users personal or financial information. Latest news: It is now a part of Google Chrome. Version 1.1 is out of date so be sure to use Protocol v2.
FirePhish is an Anti-Phishing Toolbar that protects against phishing. It is an extension to Firefox. It is not available for Firefox 6.0.
AntiPhish is a built-in plugin for Firefox that users can use to cache information that they would like to be protected against phishing attacks.
Tips to Avoid Phishing
Here are some helpful tips to prevent and protect a computer from a phishing attack:
- Only give out personal information to trusted Web sites
- Educate yourself on phishing scams and new techniques
- Consider using anti-phishing plugins
- Use anti-phishing filters. Note: Email providers like Gmail provide a spam filter that is capable of removing a large percentage of phishing emails.
- Block phishing emails with a spam filter
And most importantly...
- Don't Give Out Your Personal Information (without first checking the credibility of the person and/or site). Always keep in mind that phishing threats hide behind seemingly innocent Web sites. Be suspicious of those sites and people asking for personal information online (possible appearing as forms in email messages). It is wise to only provide credit card numbers or account information via a secure website or phone.
As reported by Gartner, "The War on Phishing Is Far From Over."  There are however ways to combat it, such as by using anti-phishing plugins (covered in next section).
Advise: If you find a phishing site, report it! The Anti-Phishing Working Group (APWG) wants to know. Forward any suspicious "phishing" emails to firstname.lastname@example.org.
Note: Computer users may be interested in seeing for themselves APWG Phishing Trends Reports (see references section for link).