More and more unwitting email and Internet users are getting hooked by phishing scams, and it can be painful indeed.
Phishing is a scam used by identity thieves to trick you into providing your sensitive personal or financial information. Thieves use official-looking emails to impersonate trusted entities like banks, credit card companies, and online resources like eBay or PayPal. These emails are used to lure unsuspecting consumers to a particular website through a link where they will be asked to enter their information. According to a study done in 2006, approximately 109 million people received a phishing email of some sort in that year.
To protect yourself from falling victim to a phishing scam, it’s important to be very cautious with your personal information including your usernames and passwords. Some phishing scams divert you to a fraudulent website designed to look like your bank’s website or a similar trusted source. When you enter your username/password and other information, that information is transmitted to the con artist, who can abuse it later on.
Be very suspicious of any emails you receive from trusted entities like your bank. If the email contains a link, don’t click on it. Deceptive links that mimic legitimate URL addresses are a common tools con artists use in phishing scams. While these addresses may look official, they usually contain inconspicuous differences that redirect you to a fraudulent site. Instead of clicking on the link, type in the web address of the institution into the browser yourself to access the website.
Look out for common phishing language in emails like “Verify your account.” Legitimate businesses will not send you an email to ask for your login information or sensitive personal information. Also, look out for emails that try to convey a sense of urgency. Warnings that your account has been compromised, for example, are a common way to lure victims. Again, contact the company directly to inquire about such emails rather than using any link or other contact information provided in the email. Finally, be wary of any email that does not address you directly. While some phishing scams will use your name in the email, many are sent out as spam messages to thousands at a time. Most legitimate businesses will use your first and/or last name in all communication.
If you visit a website with a padlock, click on the padlock. It should show you the name of the organization that applied for the padlock. If the name does not match the name you know, be very suspicious. To learn more about padlocks and the security they provide online, visit InstantSSL.com.
It’s good practice to look at all the emails and websites suspiciously. Getting sucked into a phishing scam can cost you thousands of dollars and a good amount of your valuable time. An ounce of prevention now can save a pound of cure later.