Phishing is a type of cyber crime that uses emails to obtain information such as username, passwords, credit card details and other vital information from an unsuspecting person. This crime is likely to affect online banking institutions such as the First Internet bank of Indiana as hackers try to lure customers into giving vital information which can be used to access to their accounts, transfer money or commit other heinous crimes such as identity theft.
Phishing threats
There are a number of threats that the first IB bank is exposed to. These threats are potentially dangerous as they result to huge financial loses for both the bank and the customers. In addition, the bank may lose its reputation, customer base and its overall profitability may be affected in the long run. These threats include;
Phishing
This is a fraudulent attempt to obtain customer’s personal information through emails. In this case, the attacker sends emails to the bank customers promoting them to change their account information such as the password and username. These emails contain a link which directs the customers to a fake website resembling the bank’s website.
When the unsuspecting customer enters his information, the perpetrators gain this information and use it to access their online bank accounts, transfer money, purchase items online or gain personal information. Through phishing, the bank and its customers may suffer huge financial loses.
Spear phishing
In this case, the phishing email are designed and directed to attack a given person. The emails are well crafted and contain the target institution jargons and acronyms so convince the victim to open the email and also click on the link. For example, the hacker may carefully design emails to lure the banks management team or a specific person into giving vital information which can result to drastic financial loses.
Identity theft
Identity theft is carried out in conjunction with phishing. In this crime, the hacker gains the victim personal information and uses it to run up charges on the accounts and then disappears. The main information targeted include social security number, drivers license, credit card, passwords, ATM numbers, birth date, telephone number, mortgage information among others.
Both the bank and its customers incur huge expenses especially in situations where the perpetrators gain the credit card details of individuals. Identity theft may result to huge debts for both the bank and its customers.
Methods of preventing phishing
There are several measures that the bank can take to prevent phishing. These are;
Educating web users
The bank can send emails at regular times to warn their users that they never ask for their customers account information. The customers can also be provided with this information as they open the bank’s website. This information should warn their customers that they will never be prompted to give their password to anyone including the bank employees.
Indentifying spam
The email companies can be prompted to improve their websites so that the email source can be identified. This makes it possible to indentify spams which are the major sources of phishing messages.
Contracting anti-phishing consultants
The bank can contract consultants dealing with anti-phishing work. These consultants monitor new websites so as to identify those that use the Bank’s name and logo. These websites are set up by hackers a few days before their email campaign. Once identified, the websites are closed down thus preventing phishing. Also, these hackers can be identified by watching offers of stolen cards as they are being exchanged from one phishing group to another.