This week on the Volusion blog, we’ll take a closer look into the broad spectrum of online security. Today’s post discusses the threat of phishing – what it is, where it’s going and how to protect yourself. Learning how to detect these risks will help protect your online business from scams and data theft.

With the launch of our newest credit card protection service, Fraud Score, I thought it appropriate to discuss the broad scope of online security, particularly certain risks to be aware of. That’s why this week is dedicated to giving the information you need to stay safe out there. As cliché as it sounds, an ounce of prevention truly is worth a pound of cure.

Today’s topic is phishing, which is a form of data theft via submission of personal information to a fraudulent entity that poses as a legitimate one. This typically happens by sending data to a form that looks genuine but actually feeds into an underground database. Think of it as fraudsters fishing for your sensitive info – you’re the fish and the worm is the fake entry field.

The most popular example relates to your bank account. A phisher will obtain your email address and send a message instructing you to update account details. You’re then prompted to click a link that takes you to a website similar to your bank’s. You willingly enter your information, never knowing that it’s going directly to an identity thief.

Take a look at this example e-mail:

But never fear, there are several ways to protect yourself. Watch this video from Symantec to learn more about spotting phishing scams(we don’t endorse or promote Symantec – it’s just a really helpful video):

As are most things online, phishing is evolving. The RSA Online Fraud Report for January 2010 indicates that phishing attacks increased by 17% in 2009. Additionally, consumer awareness of phishing schemes has increased to 76%. Awareness truly is the key to prevention – phishing is a basic tactic that is easily avoided by seeing the signs.

The only downside of this awareness is that fraudsters are now finding new ways to obtain the information important to the success of your online business. Take a look at these developing methods:

• Smishing – phishing in the form of a text message to your mobile phone. (The term “smishing” comes from the idea of SMS phishing.) In this form of phishing fraud, you receive a text message directing you to call or visit a website to confirm or enter personal info. Another RSA report indicates that smishing attacks have increased 4x in the past year.
• Vishing – phishing in the form of a phone call. (The term “vishing” is derived from voice phishing.) With vishing, fraudsters call multiple phone numbers at once, hoping for unsuspecting victims to pick up the phone. Upon answering, a recorded message instructs you to call in response to fraudulent activity within a bank or credit card account. Once you call in, you’re instructed to enter sensitive numbers on the keypad.

.

So now that you’re aware of this major online security threat, it’s important to help put a stop to these scams. Here are some great places to report phishing incidents when you see them:

• Anti-Phishing Working Group
• Google
• U.S. Computer Emergency Readiness Team

.

And stick around this week! We’ll continue to discuss these important security issues and enable you with the tools to protect yourself and your customers.

Happy (and safe) Selling!
-Matt Winn, Marketing Associate

Follow us for exclusive promos, breaking news and expert advice!

What do you think about phishing? Have you heard of it before? Ever been affected by a phishing attack? Do you have any additional advice for online business owners to stay safe? How about smishing and vishing? Any other thoughts? Share with us below!