You have a customer who has been the victim of an online sca

You have a customer who has been the victim of an online scam that caused him to input his username and password on a site he believed was his bank’s Website but in fact was a copy of the site. As a result, his bank account has been compromised. What sort of scam does this describe?

A. Cookies

B. Phishing

C. Social engineering

D. War driving

Solution

B and C. Phishing is a scam where a customer receives an e-mail (or instant message), supposedly from a trusted source such as a bank, stating that his username and password data has been lost and that the customer must click a link provided in the e-mail to re-enter this data. Once the link is clicked, the customer is taken to a copy, sometimes a very bad copy, of the banking Website where the customer enters his username and password, giving it to the malicious person who created the phishing scheme. Advise customers to never click a link in such an e-mail but to check this information by calling the bank or other trusted source and talking to a representative of that organization. Social engineering is a method a malicious person uses, sometimes over the phone, to attempt to convince you to release confidential information to that person. Phishing is a specific example of social engineering.