Skip to Main Menu Skip to Content


Fight phishing with these tips and software protection

By Sharon Omahen
University of Georgia

Your personal computer most likely contains keys to your money and your life. And they're not exactly vaults. Computer experts say following a few basic tips, though, can prevent outsiders' access.

"More and more people are becoming victims of computer phishing when they could easily prevent it," said Bill Blum, a senior systems specialist with the University of Georgia College of Agricultural and Sciences. "Just as they do in the physical world, scam artists on-line develop new and more sinister ways to trick you."

"Phishing" is a play on "fishing," or casting out hooks in hopes of enticing someone to bite. It's an attempt to get financial information from you, Blum said.

These e-mails most often direct you to a false Web site. "For example," he said, "you may get an e-mail that appears to come from your banking institution saying they are having a problem with your account. You click on the URL, go to the Web site and key in your password information."

Whoa. That's not good. "You have just given them the first chink in your armor to perform identity theft on you," Blum said.

Once phishers gain access to your bank information, they can search further for credit card numbers and your Social Security number, he said.

How can you tell whether a site is truly your bank's Web site?

"Secured portions of sites like banking sites have URLs that begin with https," Blum said. "The 's' stands for secure. You should also see a closed‑lock graphic, usually in the lower right corner of your screen, when you're on a secured site. If the graphic is an open lock, you're on an unsecured site."

The closed lock doesn't guarantee the site is safe. "But it's a major step in the right direction," he said.

Blum says you can further protect yourself from phishing by never responding to requests for personal information in e‑mails or pop‑up windows.

"When in doubt," he said, "call the institution that claims to be the sender of the e‑mail or pop‑up window before you respond."

Always visit Web sites by typing the URL into your address bar. Never access it by clicking on the URL in an e-mail.

To make sure you aren't a phishing victim, Blum said, routinely review your credit card and bank statements for errors. The sooner you find them, the sooner you can take action to correct them.

"Report suspected abuses of your personal information to the proper authorities as soon as possible," Blum said. "Typically, the credit-reporting agencies you should contact are Equifax, TransUnion and Experian."

Four steps to secure your system, he said, are:

1. Install an antivirus program and keep it up‑to‑date. Periodically scan your entire system for viruses.

2. If you're running a Windows‑based system, always perform your Windows critical updates ( with Internet Explorer.

3. Install a spyware detection and removal program, such as Ad‑aware ( or SpyBot (www.safer‑ "You pick up spyware when you go to Web sites or get spam‑type e-mail," Blum said. "Programs like Ad‑Aware and SpyBot can help keep spyware away." Both are free.

4. If you're get on-line through DSL or cable access, install a software firewall. "It allows you to control traffic in and out and prevents all other traffic," Blum said. "The most common are Windows Firewall (if using Windows XP), ZoneAlarm and F‑Secure Client Security." Dial‑up users don't always need firewall protection. But it's always helpful.

If installing software intimidates you, Blum said, contact a reputable computer professional. Or just buy current computer magazines for tips and visit Web sites like

(Sharon Omahen is a news editor with the University of Georgia College of Agricultural and Environmental Sciences.)

Share Story: