Beware of Phishing

This involves sending out spam emails disguised – often not well – as letters from the recipient’s bank. Victims are encouraged to click on a web link in the message, which takes them to what purports to be the site of their financial institution.

Then the unwitting web users are asked to type in their bank account details, usually in order to ‘confirm’ their identity following an ‘error’ with the bank’s ‘computer system’.

The site then accepts the details, which the criminals then use to steal cash from their victim’s accounts.

Nearly half of all internet users have been targeted by phishing crooks, according to research by net provider AOL and YouGov, the polling organisation.

And in an increasingly net-savvy world, phishing is a growing problem. The number of phishing emails being stopped by anti-spam filters increased by 500% in the 12 months up to December 2004, says portal Lycos.

If you are unfortunate enough to receive a phishing email, delete it immediately. They are sometimes poorly written and clearly not official messages from a bank or credit card company. However, as time goes on, the spoof emails become ever more convincing.

If you find yourself on a website that you suspect is fraudulent, simply enter incorrect personal details. A real banking website will alert you to your ‘error’, while a phishing site will accept the information as correct.

There is no legal requirement for banks to compensate victims of online fraud, though financial institutions are often sympathetic, despite losing £12m as a result of phishing in 2004.

“As long as people are not negligent, any losses are likely to be covered by the banks,” claims the Association for Payment Clearing Services.

“However, financial services companies are increasingly putting clear warnings about phishing on websites, advising their customers to protect themselves.

“If a bank is confident that it has given customers sufficient warning and they still fall prey to online fraud, the bank might be less likely to cover any losses.”

But phishing is not the only method fraudsters use to commit robberies online. In the six months to March 2005, attempts to hack into the online accounts of unsuspecting bank customers more than trebled, reports internet security firm Symantec.

This is known as ‘pharming’, which redirects net users to a fake website when they try to access their bank’s legitimate website. This diversion is caused by a virus that infects email. Dubious websites should be treated with extreme caution or ignored completely. If you have any worries, contact your bank.

For further information, visit the Anti-Phishing Working Group's website, or see the UK Net Guide features on skimming, avoiding identity fraud, avoiding spam, and internet banking.