Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

8/17/2011
01:57 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Survey Says Consumers Taking The Bait In Phishing Scams

Even respondents aware of the idea of phishing often engage in dangerous online activities, according to ProtectMyID

Irvine, Calif., Aug. 16, 2011 Whether in the form of fraudulent emails, falsified websites or deceptive text messages, cybercriminals are casting a wider phishing net in the hopes of obtaining personal information from unsuspecting consumers. Experians ProtectMyID', a leading, full-service provider of identity theft detection, protection and fraud resolution, recently commissioned a survey to understand the implications of cybercriminals phishing expeditions. The findings indicate many consumers are being hooked.[1]

Phishing is essentially an attempt by cybercriminals and identity thieves to obtain sensitive information by masquerading as a legitimate and trustworthy source, said Jennifer Leuer, senior vice president of Experian Consumer Direct, which owns ProtectMyID. While many Americans understand the risks, the survey revealed they are unknowingly putting themselves in jeopardy of identity theft.

Masked as legitimate companies or government entities, cybercriminals often use scare tactics to lure people into providing personal information such as financial account numbers, Social Security numbers, birth dates or other private data to thieves. According to survey results, 22 percent of respondents would readily supply their personal information requested in an email from one or more of the following sources: bank, credit union, charitable cause, credit card company or national/state government agency.

Other findings indicate that while many consumers assume they are taking the appropriate measures to protect themselves, they are in fact falling into carefully designed phishing traps. For instance, 32 percent of respondents would click on the website addresses in an email to verify the source. What they dont know, however, is that they are more than likely being led to a fraudulent site set up to trick them into providing personal information.

To help consumers avoid being hooked by phishing traps this summer, Experians ProtectMyID offers the following tips:

Do:

Use strong spam filters to minimize the amount of unwanted and unsolicited emails you receive. Thieves count on you being bombarded with too many emails and being too distracted to notice anything being phishy.

Use a trusted URL checker to confirm the legitimacy of any new Website you see in an email or wish to visit.

Make sure you are at the Website you really want and that you have a secure connection for any financial dealings. Look for the https, security certificate and yellow padlock when providing personal information to a Website.

Update firewall, antispyware programs and operating system patches. These are necessary to block access to your computer from the Internet and to protect against known exploits used by hackers. If you dont update frequently, you become vulnerable very quickly.

Check emails for misspellings, poor grammar and/or odd phrases.

Dont:

Respond or reply to emails asking to confirm any type of personal or financial information.

Click on any links contained in these types of emails. More than likely, they will lead to a fraudulent site set up to fool you into providing personal information, or they may install a virus or Trojan to steal your information.

ProtectMyID provides members with multiple layers of defense against identity theft, such as Surveillance Alerts; scanning the Internet daily for potentially fraudulent use of members personal information; access to a dedicated Identity Theft Resolution Agent should the need arise; and notification if a change of address action is initiated, a common practice among identity thieves.

About Experians ProtectMyID

ProtectMyID is a leading, full-service provider of identity theft detection, protection and fraud resolution. ProtectMyID offers comprehensive identity theft protection products supported by experienced identity theft resolution professionals who deliver personal attention that customers can rely on. ProtectMyID.com is a Website owned by ConsumerInfo.com, Inc., an Experian company. For more information about how ProtectMyID helps consumers protect themselves against identity theft, please visit http://www.ProtectMyID.com.

About Experian

Experian' is the leading global information services company, providing data and analytical tools to clients in more than 80 countries. The company helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score, and protect against identity theft.

Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended 31 March 2011 was US$4.2 billion. Experian employs approximately 15,000 people in 41 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and So Paulo, Brazil.

For more information, visit http://www.experianplc.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-4968
PUBLISHED: 2019-11-19
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
CVE-2012-0824
PUBLISHED: 2019-11-19
gnusound 0.7.5 has format string issue
CVE-2012-0843
PUBLISHED: 2019-11-19
uzbl: Information disclosure via world-readable cookies storage file
CVE-2014-5439
PUBLISHED: 2019-11-19
sniffit 0.3.7 and prior: A configuration file can be leveraged to execute code as root
CVE-2011-4919
PUBLISHED: 2019-11-19
mpack 1.6 has information disclosure via eavesdropping on mails sent by other users