Phishing is a scam in which scammers create a replica of an existing web page
to fool a user into submitting usernames, passwords, and credit card details.
1. A phisher often sends forged links to victims in emails or instant
messages.
2. To lure victims into clicking forged links, the emails include imperatives
like 'verify your account', 'confirm information', 'renew your account', and
so on.
3. Forged links are manipulated by scammers.
Common tricks:
- If the real address is yourbank.com, they build a link
www.yourbank.example.com to mislead you to example.com.
- They make the anchor text of a link look like the real address, while the
link actually points to a phishing website. These links are not the same as
the ones shown in the lower left-hand corner of most internet browsers.
- They use characters of very similar appearance to register a phishing
domain, for example: the number one '1' looks like the 12th letter 'l'.
So, Goog1e is not Google.
- To make domains of identical appearance, they register homograph domains in
another language, for example: Cyrillic small letter 'a' looks identical to
Latin small letter 'a'.
- Some scammers use JavaScript to alter the address bar.
4. How to avoid phishing scams?
- Don't click the links in an unexpected email.
- If you are uncertain about the information, contact the real company
through a reliable channel, for example: the phone number printed on your
credit card.
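
The link tricks listed under item 3 can be checked mechanically before a link
is trusted. The Python code below is an added example, not part of the
original page; the TRUSTED list, the warning codes and the function names are
assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list (assumption): sites the reader really uses.
TRUSTED = ("yourbank.com", "google.com")
# Digits often substituted for letters, such as '1' for 'l' in Goog1e.
LOOKALIKES = str.maketrans("1035", "loes")

def host_of(address):
    """Lower-cased host of a URL or bare address, xn-- labels decoded."""
    address = address.strip()
    if "://" not in address:
        address = "//" + address
    try:
        host = (urlsplit(address).hostname or "").rstrip(".")
    except ValueError:  # not parseable as an address at all
        return ""
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:  # recover the Unicode form a browser may display
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass
        labels.append(label)
    return ".".join(labels)

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

def check_link(href, anchor_text=""):
    """Return warning codes for one link from an email or chat message."""
    found, host = [], host_of(href)
    text = anchor_text.strip()
    shown = host_of(text) if " " not in text else ""
    # Visible text names one address while the href points to another.
    if "." in shown and shown.removeprefix("www.") != host.removeprefix("www."):
        found.append("anchor-mismatch")
    # Homograph: letters from another script, e.g. Cyrillic small letter a.
    if not host.isascii():
        found.append("non-ascii-host")
    if any(under(host, good) for good in TRUSTED):
        return found
    for good in TRUSTED:
        # The real name is only a subdomain label of some other site.
        if good.split(".")[0] in host.split("."):
            found.append("brand-in-subdomain")
        # Digits standing in for letters of a trusted name.
        elif under(host.translate(LOOKALIKES), good):
            found.append("lookalike-digits")
    return found
```

An empty list means none of these checks fired; it does not prove that the
link is safe.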