Phishing

Vicky Laura Stu Just what the heck is phishing anyway? No it doesn't require a pole and it is not a fun filled water based hobby. Webster defines fishing as " **: ** a scam by which an E-mail user is duped into revealing personal or confidential information which the scammer can use illicitly" But just what does that mean and how is it accomplished? Phishing can have far-reaching consequence beyond simply losing your email account. It can be used to attempt to glean sensitive information such as your social security number you bank account number or a plethora of other sensitive personal information. In phishing an electronic "bait" is often used to entice victims into giving away their sensitive personal information. For example you receive an email from what looks to be your bank asking you to fill out some forms that require sensitive personal information like your account number. Should you fall prey to those sleazy online jerks they could uses that illicitly garner information to drain you bank account, take out credit cards under your name and generally cause you no end of problems. The attacks can be far more clever and attempt to garner your say, face book information and uses that sensitive information for nefarious purposes or simply to block access to your account. Every year phishing is responsible for millions of dollars in damage and potential far more damage to businesses loosing revenue or customers as a result of phishing damage.
 * What is Phishing? **

**When did Phishing start? ** The first recorded use of the term "phishing" was made in 1996. The term is a variant of //fishing// probably influenced by //phreaking//, and alludes to baits used to "catch" financial information and passwords. AOL was one of the first companies affected by phishing. The phisher would pose as an AOL staff member and ask the potential victim to reveal sensitive information. After the AOL scams phishers started targeting financial institutions. Since then phishers are targeting U.S taxpayers, posing as the Internal Revenue Service. Social networks have also been affected since some people reveal personal details in such sites.

media type="youtube" key="sqRZGhiHGxg?fs=1" height="385" width="640" align="center"

**Safeguards and Prevention **  Education goes a long way and simply getting educated people on ways to recognize phishing attempts is a start to preventing phishing. People can take steps to avoid phishing attempts by slightly modifying their browsing habits. When contacted about an account needing to be "verified" (or any other topic used by phishers), it is a sensible precaution to contact the company from which the e-mail apparently originates to check that the e-mail is legitimate. Alternatively, the address that the individual knows is the company's genuine website can be typed into the address bar of the browser, rather than trusting any hyperlinks in the suspected phishing message. Simply put it is in the consumers hands to play it safe and verify emails they receive.

How do you teach phishing, anyway? **Grades 5-8 Instruction** At this stage in the education process, it would be a good idea just to introduce what phishing is to a student. At this early adolescent stage, students are just beginning to use e-mail on a regular basis. The important thing here would be to show students what a phishing scam looks like when it comes to scammers looking for your password to your e-mail to further spam e-mail or viruses. Have students identify e-mails from people they know and people they do not know. Teach students to be wary of any e-mail that states that their account has been hacked and you need to enter your e-mail to go re-do your privacy settings. **Grades 7-9 Instruction** By this age, many students are on social networking sites and playing games online. Revisit the idea of phishing with students, asking them if they know or remember what phishing is. Explain that phishers could disguise themselves as moderators on online games, looking for your account information. This could lead to your account being taken. Further explain to students that hackers are also looking to gain the password to your social networking site in order to promote spam products to all your friends while posing as you. Ask students if they have ever received weird product advertisement from their friends on facebook, twitter, or tumblr accounts. Explain how it is very possible that their friends clicked a link, their password was phished, and then they now receive annoying spam on their wall. **Grades 9-12 Instruction** This is the age when you can really start scaring - I mean, instructing - students in the real dangers of phishing. Most students are doing online banking these days and doing shopping online. Explain that phishers are also looking to access your bank account and steal your money. Show students a bogus website that looks like a legitimate one, ie: Bank of America, Ebay, etc. Show students that phishing is not just about e-mails. Make students aware of the dangers of clicking links, especially from phony banks telling them that their account has been compromised.


 * Some Additional Websites to Check Out!! **http://www.ftc.gov/spam/This is the Federal Trade Commission's website about spam and shows you how to forward phishing e-mails to them!http://www.antiphishing.org/This is a nonprofit trying to stop phishing on the internet.


 * References **