Phishing is a type of scam that involves taking advantage of computer users in data transmissions or data storage to find out personal information with the intent to misuse the information for fraudulent purposes.  Phishing scams can take various forms.  Most people who use the computer on a regular basis are familiar with one of the most popular types of phishing scams, which is when the perpetrator is trying to copy or borrow logo, symbols, wording, corporate colors and other similarly related categories to disguise themselves as financial institutions or well-known corporations, such as Bank of America or Microsoft.  One of the techniques these scam artists might try includes placing a link on their site or in their e-mail which will connect the unknowing computer user to their location on the web, or to another person they are working with to steal valuable personal information.  Quite often, but not always, their wording in an e-mail directs you to take action urgently or immediately, so that an account or another financial matter can be handled without interruption of activities.  This attempt works effectively to catch people who are not on guard.  Now to take a look at efforts to monitor phishing.

PHISHY!

www.microsoft.com/protect/yourself/phishing/identify.mspx, describes a type of “spear phishing” which is another phishing scam that “might look like it comes from your employer, or from a colleague who might send an e-mail message to everyone in the company, such as the head of human resources or IT.”   As Microsoft indicates at this site, the primary object of scam artists such as these is to “ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data.”    Windows Vista and the use of Internet Explorer 7 helps control phishing, but if you do not have these, Microsoft advises that everyone should use some type of phishing filter to protect valuable  personal information.

I decided to check at two banks where I have accounts to see what was indicated about phishing.  Of course, all banks ask us to review our accounts regularly, if not daily, to watch for suspicious activity.  What Bank of America states at their site at www.bankofamerica.com/privacy is that, while the bank does use cookies to gain information about the effectiveness of using their sites, they never use cookies or files such as “Flash Objects” to gather information and store that personal information unless it is encrypted.  This means that the data is not readable to anyone else.  They also of course must follow strict regulatory guidelines about who can use and access that information, and for what specific purposes.  Financial institutions must also send their updated privacy policies to customers at least once per year, as per federal requirements.  While Wachovia notes similar information in their internet privacy policies, this institution indicates at www.wachoviasecurities.com/disclosures/internet-privacy.html that Wachovia may “also use cookies to enhance risk analysis and fraud detection.”  Wachovia attempts to monitor customer behavior patterns and makes every effort to alert a customer when something questionable might be happening with a customer’s accounts.  Many banks and financial institutions have also tried to put the word out to the general public that they will never attempt to have you verify an account by having you provide any type of personal information over the internet.