Local banks e-banking sites such those owned by Maybank, CIMB Bank were among the favorite target of phishing attempts.

The number of phishing attempts is on the rise, according to an advisory released by the Cyber999 Help Centre of CyberSecurity Malaysia, Bernama reported. The Cyber999 Help Centre has been receiving numerous reports from Malaysian Internet users regarding phishing websites hosted overseas.

These look exactly like that of Malaysian banks’ e-banking websites. These phishing websites or fake websites are used to conduct a “phishing attack”, which involves manipulating the weak side of human security. This is done by masquerading as a trustworthy entity, for example, a copycat of a familiar banking website.

The “phishing attack” also uses a kind of social engineering tactic, such as sending spam emails that look as though they have been sent by a well-known Malaysian bank, it said here yesterday.

The email tricks people into clicking on a link that will open up the phishing website or fake e-banking website. As the fake website looks exactly like the original, customers enter confidential information such as e-banking usernames and passwords into the fake e-banking website.

This way, the “phishing attacker” steals usernames and passwords of bank customers. CyberSecurity Malaysia chief executive officer Lt-Col (Rtd) Husin Jazri said: “If you do receive such emails and they look like they are from banks or financial institutions, our advice is to ignore them.

“If you do get suspicious, contact your bank for verification or contact our Cyber999 Help Centre.” CyberSecurity Malaysia is under the purview of the Science, Technology and Innovation Ministry.

How you can help
To combat these threats, we need to your help, too. Protect yourself by always following a few key rules of thumb when you’re online:

* Use an up-to-date browser that features an anti-phishing black list. Some examples include Internet Explorer 8 or Firefox 3.0.10.

* Use unique logins and passwords for each of the websites you use.

* Check to see that you’re logging in from a legitimate e-banking site page for example the www.maybank2u.com.my domain not www.maybank2you.com.my

* Be cautious of any message, post or link you find on your e-mail that looks suspicious or requires an additional login.

How to recognize phishing e-mails and links? Software giant Microsoft provides a few clues can help you spot fraudulent e-mail messages or links within them – click here for details. The biggest social networking site Facebook also has several tips how to protect yourself against phishing. Read them here.