Phishing is a type of online fraud where the perpetrators attempt to acquire personal, financial, and/or other account information (such as user IDs, passwords, credit card numbers, PINs, etc.) from unsuspecting victims. This type of fraud is typically initiated by sending an unsolicited but official-looking email claiming to be from a reputable company, such as a bank, a credit card firm, or an online establishment. The fraudulent email usually contains an urgent message that tries to lure the recipient into providing sensitive information.
To avoid being victimized by phishing scams, below are several useful tips:
Do not respond to emails asking for any personal or financial information.
Legitimate companies will never ask you to verify or provide any confidential information in an unsolicited email.
Be cautious when clicking on links within a suspicious email.
Most phishing emails contain a link that leads to an official-looking web page which requires the recipient to log in or enter some personal information. Though the web page may contain official logos and look exactly the same as the legitimate company’s web site, any information submitted via these spoofed web page(s) will be sent to the perpetrators of the scam.
If you have any doubt regarding the authenticity of a web site you have been directed to in an email, we strongly recommend that you open a new browser and type the known URL of the company in the browser yourself, or call the company directly via telephone.
Never log in or enter private information in a pop-up window.
Clicking on links within phishing e-mails may direct your browser to a legitimate web site while, at the same time, opening another pop-up window wherein you are asked to enter your information. This makes it appear like the pop-up window is part of the legitimate site when, in reality, it is not.
Be on alert for suspicious e-mails
It is easy to forge an e-mail and make it appear like a legitimate company sent it. When dealing with emails that pertain to information that is sensitive in nature, it is best to err on the side of caution. Below are a few signs indicative of phishing emails:
Urgent account notifications that are not addressed to you personally but which require action on your part relating to your account(s).
Customer notifications that contain incorrect spelling or poor grammar.
Account/billing email notifications from credit card firms or other financial institutions that do not reference the last few digits of your account number, or that contain no specific details pertaining to your account/billing information or activity.
Account notifications that are delivered to your Bulk Mail folder.