Don’t get caught on the line when scammers go phishing for victims. Phishing involves faking emails or web pages, making them look like they represent a genuine company or website in order to trick the user into giving up sensitive information, such as logins, passwords, Social Security Numbers and more.
You may have received phishing emails claiming to be from Amazon.com, eBay, PayPal, banks and other trusted companies. They may say that your account has been compromised or that you need to verify your information to avoid having your account suspended. A link in the email leads to a site that looks like the real site, but is actually a fake. You are asked to log in with your user ID and password, or update personal information.
With this information they can then access your real account. Also, because many people use the same log in and password on several sites, they may be able to get to other accounts by trying your info on other sites.
How can you spot a phishing email? Tell tale signs include:
- Bad grammar
- Spelling errors
- A not-quite-right URL
- Email is sent from a free email account, such as Yahoo! or Hotmail.
Education is one of the most important tools when it comes to beating phishing attacks. By learning what a phishing scam commonly looks like, people are less likely to click on links, and even less likely to enter sensitive information. Such education may also serve to teach people how to investigate emails that they receive, and how to follow through proper channels to find out whether or not an email is genuine or not.
The problem currently is that even among people who are otherwise educated as to the dangers of phishing scams, there is a chance that they will click on a link without thinking. This is more likely when browsing the web, and can lead them to visit a fake web page that requests sensitive information. The best thing that a user can do in this case is to visit the genuine page as soon as they suspect that they have become a victim of phishing, and change their site password.
For that reason, a number of anti-malware program providers have started adding phishing prevention to their software. When installed and running correctly, the software will alert the user when they visit a web page that is known to be, or that appears to be a fake. Though they won’t prevent you from visiting the page if you really want to, the warning is quite clear.
To protect yourself from phishing scams:
- Check where an email is from before clicking links, especially those claiming to take you to your bank account, PayPal account, etc.
- If you receive an email saying your account has been compromised and you need to take action, do not click on a link in the email. Instead, go to the site by entering the official URL in your web browser, then logging in to your account. For example, instead of clicking on a link to paypay.serviceplace.com (not a real PayPal link), type in paypal.com and log in to your account from there.
- If anything makes you suspicious, DO NOT enter any personal information, including your password.
- Get good anti-virus and malware software, install it and keep it updated. Two free choices I like are AVG (anti-virus) and Malwarebytes (anti-malware). Both also offer paid versions, but the free ones are very good.
As a last note, it is important to remember that almost no website has the right to ask for a person’s SSN. Notable exceptions to this statement include sites such as Paypal, and other money processing sites that may by law need your SSN to comply with tax regulations. If in doubt, it is wise to ask for a second opinion from your bank, or from an internet savvy friend. Don’t become another victim.