Phishing: The act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Problem: Most phishing occurs when a client clicks on a URL that is embedded in an email, social media site, adware, etc. and is redirected to a website that looks very similar to the one it is impersonating. Once the client enters personal information (username/password, SSN, credit card), the hacker captures it and then has the option to use it illegally or resell it on the black market. (Example of a Google phishing attack that occurred 3/14)
Solution: If you want your users to know that they are on the correct website, make it impossible to duplicate and easily recognizable. How do you do that? First, purchase an Extended Validation (EV) SSL certificate. The Certification Authority (CA) will first validate the legal existence of your company and then issue an EV SSL certificate that turns your clients' address bar green and displays your company's information when they are on your site. (EV Browser Examples Below)
Once you have correctly installed the certificate using best practices, the second step is simply to inform your customers. Inform them about phishing attacks and how you have taken action to prevent them from happening. Most importantly, make sure your customers know about the EV SSL certificate on your site and know to NEVER enter any information if the browser is not displaying the Green Bar.
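After installation, one way to confirm that the site really serves a certificate carrying the validated company identity is to inspect its subject fields. The Python sketch below is an added example, not part of the original page; the function names and both sample certificates are constructed for illustration. It checks only the subject attributes that EV certificates carry, because `getpeercert()` does not expose the certificate policy extension.

```python
import socket
import ssl

# EV subject attributes as named by Python's ssl module, mapped to the dotted
# OID that older OpenSSL builds report when they do not know the name.
EV_SUBJECT_ATTRS = {
    "organizationName": "2.5.4.10",
    "businessCategory": "2.5.4.15",
    "serialNumber": "2.5.4.5",
    "jurisdictionCountryName": "1.3.6.1.4.1.311.60.2.1.3",
}
EV_BUSINESS_CATEGORIES = {"Private Organization", "Government Entity",
                          "Business Entity", "Non-Commercial Entity"}

def fetch_peer_cert(host, port=443, timeout=5.0):
    """Return the validated leaf certificate of host as a getpeercert() dict."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def subject_fields(cert):
    """Flatten the nested subject RDN tuples into a {name: value} dict."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}

def ev_subject_report(cert):
    """Return (looks_ev, missing) for a getpeercert()-shaped dict."""
    fields = subject_fields(cert)
    missing = [name for name, oid in EV_SUBJECT_ATTRS.items()
               if name not in fields and oid not in fields]
    category = fields.get("businessCategory", fields.get("2.5.4.15"))
    if category is not None and category not in EV_BUSINESS_CATEGORIES:
        missing.append("businessCategory (unrecognised value)")
    return (not missing, missing)

# Constructed samples: an EV-style subject and a lookalike site whose
# certificate only proves control of a domain name.
EV_SAMPLE = {"subject": (
    (("businessCategory", "Private Organization"),),
    (("jurisdictionCountryName", "US"),),
    (("serialNumber", "0000000"),),
    (("organizationName", "Example Corp"),),
    (("commonName", "www.example.com"),),
)}
DV_LOOKALIKE_SAMPLE = {"subject": ((("commonName", "www.example-login.test"),),)}

if __name__ == "__main__":
    for label, cert in (("EV", EV_SAMPLE), ("lookalike", DV_LOOKALIKE_SAMPLE)):
        print(label, ev_subject_report(cert))
```

To check a live site, pass the result of `fetch_peer_cert("your-hostname")` to `ev_subject_report`.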