Davis & Co LLP. Accountancy News - Keep Yourself Safe from Fraud Online
Home Contact Us Accountant Services Accountant News About Us Resources Site Map IFA London
 
 

 Davis & Co LLP - Accountant Newsletter

Accountant Newsletter - Keep Yourself Safe from Fraud Online

KEEP YOURSELF SAFE FROM FRAUD ONLINE

Phishing Fraud: How to avoid getting caught by phony phishermen

What is phishing?

Phishing is the name given to the practice of sending emails, at random purporting to come from a genuine company operating on the Internet, in an attempt to trick their customers into disclosing information at a bogus website operated by fraudsters.

These emails usually claim that it is necessary to ‘update’ or ‘verify’ your customer account information and they urge people to click on a link from the email which takes them to the bogus website. Any information entered on the bogus website will be captured by the criminals for their own fraudulent purposes.

How can I prevent myself being a victim of phishing?

The key thing is to be suspicious of all unsolicited or unexpected emails you receive, even if they appear to originate from a trusted source.
Although your bank may contact you by email, they will never ask you to reconfirm your login or security password information by clicking on a link in an email and visiting a web site. Stop to think about how your bank normally communicates with you and never disclose your password or personal information. The emails are sent out completely at random in the hope of reaching a live email address of a customer with an account at the bank or organisation being targeted.

How to spot a phishing email

Check:

Where did the email come from?
Phishing emails can look like they come from a real bank email address. Unfortunately the way Internet email works makes it a relatively simple matter for phishers to create a fake entry in the ‘From:’ box. The email address that appears in the ‘From’ field on an email is NOT a guarantee that it comes from the person or organization that it says it did. These emails are not sent using the bank’s own systems.

Who is the email for? The emails are sent out at random to bulk email lists and the fraudsters will almost certainly not know your real name or indeed anything else about you, and will address you in vague terms like “Dear Valued Customer”.

Take a closer look at the email - does it look phishy? The first thing to remember is that banks will never write to you and ask you for your password or any other sensitive information by email. The message is also likely to contain odd ‘spe11ings’ or ‘cApitALs’ in the ‘Subject:’ box (this is an attempt to get around spam filter software), as well as grammatical and spelling errors.

Where’s that hyperlink going to? Unfortunately it is all too possible to disguise a link’s real destination, so the displayed link and anything which shows up in the status bar of your email programme can easily be falsified.

How to spot a phishing web site

If you visit a web site after clicking on a link from an email, there are many ways of disguising the true location of a fake web site in the address bar. The site address may start with the genuine site’s domain name, but that is no guarantee that it points to the real site. Other tricks including using numerical addresses, registering a similar address (such as www.mybank-verify.com), or even inserting a false address bar into the browser window. Many of the links from these pages may actually go to the genuine web site, but don’t be fooled.

Beware of fraudulent pop-up windows

Instead of displaying a completely fake web site, the fraudsters my load the genuine web site in the main browser window and then place their own fake –pop-up window over the top of it.
Displayed like this, you can see the address bar of the real web site in the background, although any information you type into the pop-up window will be collected by the fraudsters for their own use.

To access your online banking account, type the address into a new window yourself. The address of your genuine bank site will start ‘https’ and will include a small padlock in the bottom of the browser window.

Reporting suspicious emails

If you receive a suspicious email, please inform your bank as directed on their web site and forward the email to www.banksafeonline.org.uk

Remember:

  • Treat all unsolicited emails with caution and never click on links from such emails or enter any personal information
  • To log-on to Internet banking, open your web browser and type the address in yourself
  • If in doubt about the validity of an email, or if you think that you may have disclosed information to a fraudulent site, go online to getsafeonline.org

 

 

Contact us via our contact form or call 01582 761121.
 

©2010 Davis & Co LLP. Herts Office: Ellerd House, Amenbury Lane, Harpenden, Hertfordshire, AL5 2EJ, UK.
Tel: +44 (0)1582-761121 / 0845-644-2070 -- Fax: +44 (0)1582-761126 / 0845-644-2071.
London Office: Hamilton House, 1 Temple Avenue, Victoria Embankment, London, EC4Y 0HA, UK.
Tel: 0845-130-4521 -- Fax: 0845-644-2071


Davis & Co is a trading name of Davis & Co LLP, a Limited Liability Partnership Registered in England & Wales, Registered number OC309721. Registered office: Hamilton House, 1 Temple Avenue, Victoria Embankment, London, EC4Y 0HA. Registered as auditors and regulated for a range of investment business activities by the Association of Chartered Certified Accountants.