In today's world the Internet is becoming as common as sliced bread. Most people use it to send e-mails, browse for information, carry out banking transactions, and shop. So it shouldn't be a surprise that some people are embracing the technology for less-than-kosher purposes. Phishing scams in particular are a major concern. Luckily, if you want to avoid becoming the next victim of identity theft, there are ways to protect yourself from harm.
What exactly is phishing (pronounced "fishing")? Phishers use e-mail, brand hijacking, and scare tactics to catch uninformed people off guard and steal their private information. Usually these scammers operate by sending out a whole bunch of spam e-mails to a long list of recipients. Each message is made to look as if it comes from a trustworthy company, such as eBay or a big banking institution.
The second element of the e-mail involves an appeal to your emotions. To achieve this goal, the sender claims there is a problem or crisis that needs to be fixed as soon as possible. The e-mails use urgent, professional language, and request personal information. They may even direct you to a spoofed web page where you are asked to input the requested data.
If you visit the fake website, it may appear to be authentic, and oftentimes the true URL is even masked to hide the fact that the website isn't legitimate. The website asks you to provide confidential information in order to solve the "issue," which might include social security numbers, account numbers, passwords, and other sensitive information. Phishers base their attempts on the hope that a few fish in the sea will be tricked into believing the e-mail and web page to be genuine, and hand over their personal information without realizing their mistake - until it's too late.
Unfortunately, phishers are beginning to employ more insidious tactics, such as planting spyware viruses, to try and get your personal information. Often these viruses are designed to remain dormant until they can easily snatch your sensitive data. Once the virus is on your computer system, your Internet activities are monitored so that when you visit a specific site (one that requires you to log in, for example) the virus takes action and either diverts you to a fraudulent site or logs your keystrokes as you enter relevant passwords, account numbers, and other such information. If you don't have virus and spyware protection software, contracting a spyware virus is a very real threat.
In the face of an increase in phishing scams, it's necessary to learn how to avoid them, if you can. But there is good news. You can keep from being a phishing victim, just by following a few simple measures:
Being informed about spam e-mails and spoofed websites is one of the best ways to guard against falling victim to a phishing attempt. If you know what to look out for and can recognize key factors in fraudulent e-mails, you'll be able to keep your identity as safe as possible. For instance, spam e-mails may contain the company's logo and appear official, but when you look closely, there are several warning signs that can give scammers away. Sometimes the e-mails have spelling mistakes or the language doesn't sound quite right. But the best indicator is the request itself - legitimate companies never ask for you to verify your account, or to send your account information via e-mail. If you want to make sure everything is safe with your account, simply direct yourself to the website (without clicking any links within the suspicious e-mail) and log in directly to check on things, or call to confirm the sender's identity and the truth of the request. Do not send the information online.
Secondly, don't become frightened by the urgency of an e-mail or feel under pressure to answer immediately, without a second thought. Scare tactics are common when it comes to phishing, as a means to extract private information from unsuspecting people. Often the e-mail will declare that your account will be shut down until you provide the necessary data, but in reality, organizations don't conduct business in such a manner. Again, if you're concerned about your account, call the institution directly to verify the matter.
A generic e-mail request is another indicator of a phishing scam. Because scammers tend to send out spam to a large number of people, the e-mails they send aren't usually personalized. Authentic e-mails that arrive from your bank or other official organization include your name.
Never click on a link embedded in an e-mail message. Always visit the site on your own by typing it into your web browser and visiting it directly. That will ensure that you arrive at a legitimate site, at which point you can log in and check on the status of your account.
And never send confidential information to the sender by filling out a form present in the e-mail. Again, use your common sense and send the information over the phone or by visiting the website directly.
When entering credit card numbers and other important data online through a website, check that the site is authentic and utilizes encryption to secure the information. You can verify this by looking for a "locked" icon in one corner of your browser. The web address should also begin with "https" rather than a "http."
But be careful: some phishing sites put fake lock icons on their web pages. For inexperienced web surfers, this might be an effective trick. To avoid falling into this trap, ensure that the lock icon is located in the browser's window frame, rather than in the actual web page. And know that a secure site doesn't necessarily guarantee that a site is legitimate. URL masking techniques have the ability to make fake addresses appear to be those of actual secure companies. If you doubt the site's authenticity, call the site's owner.
Another way to evade scam artists is by keeping your browser and operating system updated. Download and install all patches and upgrades so that you are caught up with all the latest security updates.
Install an excellent personal firewall, antivirus software, antispyware software and antispam protection. Because these programs reduce the amount of e-mail phishing scams that come your way, and keep malicious viruses at a distance, you won't have as many chances to fall prey to a phishing attack.
If you follow these rules and know how to stay away from the bait, you can avoid being hooked by a phishing scam. As long as you stay informed about phishing and keep one step ahead of the game, as tactics evolve with the times, you'll be swimming safer waters.