Have you ever received email that looks like it’s from a real entity, only to find that it’s not? Well, then you’ve received ‘phish’ email. We thought since you all might be working electronically you might want a little education. Why? Because you may one day receive this stuff and accidentally give out your password information without knowing it. Some of these emails look like the real thing, but when you click on the link you might be taken to a website that looks legit, but check the URL (AKA Uniform Resource Locator – global address of documents and other resources on the World Wide Web).
For example I received one the other day from what I thought was Wells Fargo. When I clicked on the link, however, the URL didn’t say ‘www.wellsfargo.com’ – it said something completely different. The point is check, check, then check again. Otherwise you may be scammed.
So what’s phish?
phish [fish] – verb (used without object) – to try to obtain financial or other confidential information from Internet users, typically by sending an e-mail that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake Web site that replicates the real one.
Wikipedia’s description is pretty good:
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
The point of this information is to be aware, careful and protect yourselves!