Common Sense as a Tool Against Phishing

The Malaysian mainstream media has been abuzz lately with news about a phishing syndicate of thirteen youths who have been preying on online banking consumers.

The modus operandi of this group is the same as that of any other typical phishing band: potential victims are sent to fake online banking web sites, where they enter their username and password information. The phishers then use this information to log in to the victims’ online banking accounts and rob them blind.

What surprises me is the coverage that the media have been giving these thieves. The way the articles about their activities were written seems to imply that the crackers are advanced IT experts. The fact is, phishing is more of a social engineering exercise that requires little knowledge of IT. The same applies to the victims of such attacks: they tend to be virtually ignorant of basic online information security.

Below are some steps you can follow to avoid becoming a victim of phishing attacks:

  1. Banking institutions will never ask you to log in to web sites not under their domain. For example, RHB’s online banking web site is https://logon.rhbbank.com.my/. Any other web site claiming to be from RHB bank but not using that URL is very likely to be a phishing front.
  2. All reputable online banking web sites will only be using the HTTPS protocol, meaning their web site’s URL will begin with https:// and not the far more commonly used http://.
  3. Banking institutions will almost never ask you to submit anything anywhere via email. They already have your information, so why would they need you to “verify” anything, especially through an untrusted communications medium such as email?
  4. Regularly change your password.
  5. Use strong passwords. A good password should be a combination of lowercase and uppercase letters, numbers and, if allowed, special characters (e.g. !@#$%).
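Steps 1 and 2 can be checked mechanically. The following is an added example, not code from the original post: it parses a link and accepts it only if the scheme is HTTPS and the hostname exactly equals the bank's login host. The `TRUSTED_HOSTS` allowlist, the function name and the sample links are constructed for illustration; only the RHB hostname comes from the article.

```python
from urllib.parse import urlsplit

# Allowlist of exact login hostnames (assumption: you maintain this yourself).
# The single entry is the RHB host quoted in step 1.
TRUSTED_HOSTS = {"logon.rhbbank.com.my"}


def check_banking_url(url, trusted_hosts=TRUSTED_HOSTS):
    """Return (ok, reason) for a link that claims to be a bank login page."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname   # lower-cased, without userinfo or port
        port = parts.port       # raises ValueError on a malformed port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not HTTPS"
    if parts.username is not None or parts.password is not None:
        # Text before '@' is login data, not the site being visited.
        return False, "userinfo in URL"
    if host is None:
        return False, "no hostname"
    if port not in (None, 443):
        return False, "unexpected port"
    # Exact match only: a trusted name appearing as a prefix, suffix or
    # path component of another host does not count.
    if host.rstrip(".") not in trusted_hosts:
        return False, "host is not the bank's domain"
    return True, "ok"


# Constructed sample links (the .example hosts are placeholders).
SAMPLES = [
    "https://logon.rhbbank.com.my/",
    "http://logon.rhbbank.com.my/",
    "https://logon.rhbbank.com.my.login.example/",
    "https://logon.rhbbank.com.my@login.example/",
    "https://login.example/logon.rhbbank.com.my/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_banking_url(link)
        print(f"{'ACCEPT' if ok else 'REJECT'}  {link}  ({reason})")
```

Any site can obtain a certificate and serve pages over HTTPS, so the scheme check only rules out plain http:// links; the exact hostname comparison is what ties the link to the bank.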

Happy online banking, and don’t let the phishers bite 🙂

2 responses to “Common Sense as a Tool Against Phishing”.

  1. farking Says:

    yes. common sense is the key for it. but not an everyone is it-savvy..so they might not thinking all of this lar…

    and the media..cannot blame on them coz i dun think they know what they’re talking about…. 😀

  2. jbbeng Says:

    Not banking sites, even PayPal. I did an article on it in my blog as well.

    Almost got tricked by it. 🙂