Help      |      Chebucto Home      |      News      |      Contact Us     

53. Beware of phishers

By Mark Alberstat

Nothing beats a bit of relaxing fishing to take your mind off the worries the Internet poses today. With spyware, viruses and worms threatening computers ever day, a few hours of fishing would be time well spent.

Today, however, that fishing can also be spelled "phishing" and it is another type of threat that Internet users have to be aware of and guard themselves against.

Phishing scams are relatively sophisticated spam or pop-up messages that attempt to trick you, and other Internet users, into disclosing personal and valuable information such as credit card numbers, bank account details or passwords to various accounts.

A few of the spoofed companies include eBay,, AOL, Visa and Citibank, to name a few. Phishing is sometimes also known as brand spoofing or carding.

The messages typically look like legitimate e-mail or pop-ups from known, trusted companies. These messages will urge you to "update" or "validate" account information. There are often links in the e-mails that you are to click on which will take you to a site designed to look legitimate and will prompt you to put in your personal account information. The people perpetrating the scam gather this information and then your credit cards are suddenly charged up, or your personal information abused in some other way. This is the most recent method for the often talked about crime of identity theft.

There are a few basic steps to guard against such online scams:

  • Do not reply to a link in an e-mail message that asks for personal or financial information. Any legitimate company requiring this information would not do so via e-mail. If you think the request is legitimate, close the e-mail and log on to the company's main site and investigate the site for needed updates. You can also contact the company through the site or the phone and see if it is actively looking for account updates.

  • Do not e-mail personal or financial information. E-mail is not a secure method of transferring this kind of information over the Internet. Sites that need your personal information will ask for it through their secure website which should feature a lock icon in your browser's status bar at the bottom. Unfortunately, this is not completely foolproof, as some phishing operations have forged this icon.

  • Another preventive measure is to always use anti-virus software on your PC, make sure it is up-to-date and is set to scan all incoming e-mails. Some phishing expeditions contain small programs that will load themselves onto your computer and track keystrokes or look for specific files that may contain sensitive information.

The Anti-Phishing Working Group, a global organization formed to wipe out Internet scams and fraud, has a comprehensive website including an archive of known phishing scams dating back to September 2003. If you think you have received a bogus e-mail, this list may have it to confirm your suspicions. The group's website is found at:

With this information in mind, and a wary eye toward suspicious e-mails, you and your information may not become caught up in a phishing net.

The Mousepad runs every two weeks. It's a service of Chebucto Community Net, a community-owned Internet provider. If you have a question about computing, email If we use your question in a column, we'll send you a free mousepad.


The Mousepad Index


Originally published 13 February 2005


Our community is online here!


A feature of the Halifax Herald