Symantec Global internet Security threat report
the use of antiphishing toolbars and components in Web browsers can also help protect users from phishing attacks. these measures notify the user if a Web page being visited does not appear to be legitimate. this way, even if a phishing email reaches a user’s inbox, the user can still be alerted to the potential threat.
End users should follow best security practices, as outlined in “Appendix A” of this report. they should use an antiphishing solution. As some phishing attacks may use spyware and/or keystroke-logging applications, Symantec advises end users to use antivirus software, antispam software, firewalls, toolbar blockers, and other software-detection methods. Symantec also advises end users to never disclose any confidential personal or financial information unless and until they can confirm that any request for such information is legitimate.
Users should review bank, credit card, and credit information frequently. this can provide information on any irregular activities. For further information, the internet Fraud Complaint Center (iFCC) has also released a set of guidelines on how to avoid internet-related scams.221 Additionally, network administrators can review Web proxy logs to determine if any users have visited known phishing sites.
Consumers could also take more security precautions to ensure that their information will not be compromised. When conducting higher-risk internet activities, such as online banking or purchases, consumers should do so only on their own computers and not public ones. Further, they should not store passwords or bank card numbers. they should also avoid following links from within messages (whether in email, instant messages, online forums, etc.) as these may be links to spoofed websites; instead, they should manually type in the UrL of the website. in addition, consumers should be aware of the amount of personal information that they post on the internet, as criminals may take advantage of this public information in malicious activities such as phishing scams.