Publications
Partners
You’ve probably been warned by your bank about something called “phishing”, but what is it really? Phishing (pronounced like “fishing”) is a form of internet fraud where a scammer pretends to be a person of authority and requests your banking details or password by email.
Types of phishing
Phishers generally use one of several approaches:
• They pretend to be from the bank, saying that there has been a security problem or account error and you must send them your password immediately. Often, there is a warning that time is running out and your account will be closed.
• They pretend that you are owed a substantial amount of money from SARS or the bank, and you must submit your details to claim it.
• They pretend that you have won a lottery or competition overseas.
• They pretend to be a beleaguered businessperson or family member who needs to transfer a massive amount of money abroad, and asks for your help.
Warning signs
Most people are smart enough to pick up on a badly written letter from a fraudster, but some phishers have developed sophisticated techniques and invest a lot of time in building relationships with their victims. Here are some warning signs that you’re dealing with phishing:
1. It sounds too good to be true. Would somebody really offer you 30% of their fortune just for a little help?
2. You haven’t entered the competition. If you don’t enter the UK Lottery, you simply cannot win it. There’s no way to be entered by mistake.
3. You’re asked for your password. Banks go a long way to stress that you will never be asked for your password or personal details by email, under any circumstances.
4. Your name is misspelled or not used. Real institutions know exactly who you are and will communicate with you in person by name.
5. The email and contact numbers look strange. Would your bank manager use a Hotmail email address and provide a number from outside South Africa?
Keeping safe
If you have any doubt whatsoever, pause and think about you next action. Don’t be afraid to follow up and do a bit of your own investigating. Here are some steps you can take:
• Phone up the bank. Find your bank’s number in the phone book or on the official website, and phone to find out if the message is legitimate. If you still feel unsure, go in to the bank and deal with a consultant in person.
• Never click links provided in the email – they could take you to a phisher’s fake website which has been done up to look exactly like your banking website. Rather, enter the bank’s web address yourself or use your own bookmark.
• If you’re unsure about a website login, fake your details the first time. Just type in a random string of numbers and letters in the field. If the “login” works, you know the site is a scam.
• Look at the web address of the login page: the beginning should read “https” (the “s” stands for “secure”), rather than the usual “http”. If the page is unsecured, so are your details. Also, look for the little lock icon on your browser – a closed lock means a secure page.
The University of Cape Town (Law@Work) Internet and the Law course begins on 13 September 2010. For more information contact Kate on 021 685 4775 or kate@getsmarter.co.za or visit www.getsmarter.co.za
Types of phishing
Phishers generally use one of several approaches:
• They pretend to be from the bank, saying that there has been a security problem or account error and you must send them your password immediately. Often, there is a warning that time is running out and your account will be closed.
• They pretend that you are owed a substantial amount of money from SARS or the bank, and you must submit your details to claim it.
• They pretend that you have won a lottery or competition overseas.
• They pretend to be a beleaguered businessperson or family member who needs to transfer a massive amount of money abroad, and asks for your help.
Warning signs
Most people are smart enough to pick up on a badly written letter from a fraudster, but some phishers have developed sophisticated techniques and invest a lot of time in building relationships with their victims. Here are some warning signs that you’re dealing with phishing:
1. It sounds too good to be true. Would somebody really offer you 30% of their fortune just for a little help?
2. You haven’t entered the competition. If you don’t enter the UK Lottery, you simply cannot win it. There’s no way to be entered by mistake.
3. You’re asked for your password. Banks go a long way to stress that you will never be asked for your password or personal details by email, under any circumstances.
4. Your name is misspelled or not used. Real institutions know exactly who you are and will communicate with you in person by name.
5. The email and contact numbers look strange. Would your bank manager use a Hotmail email address and provide a number from outside South Africa?
Keeping safe
If you have any doubt whatsoever, pause and think about you next action. Don’t be afraid to follow up and do a bit of your own investigating. Here are some steps you can take:
• Phone up the bank. Find your bank’s number in the phone book or on the official website, and phone to find out if the message is legitimate. If you still feel unsure, go in to the bank and deal with a consultant in person.
• Never click links provided in the email – they could take you to a phisher’s fake website which has been done up to look exactly like your banking website. Rather, enter the bank’s web address yourself or use your own bookmark.
• If you’re unsure about a website login, fake your details the first time. Just type in a random string of numbers and letters in the field. If the “login” works, you know the site is a scam.
• Look at the web address of the login page: the beginning should read “https” (the “s” stands for “secure”), rather than the usual “http”. If the page is unsecured, so are your details. Also, look for the little lock icon on your browser – a closed lock means a secure page.
The University of Cape Town (Law@Work) Internet and the Law course begins on 13 September 2010. For more information contact Kate on 021 685 4775 or kate@getsmarter.co.za or visit www.getsmarter.co.za
