Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company and ask you to provide sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam.
"Phishing" is a spin on the word fishing, because criminals are using fake bait (the email that looks legitimate, as well as the website that looks legitimate) hoping users will "bite" by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, usernames, and more.
The scams are getting more clever all the time. But it is still possible to spot an attempt before one falls victim to it. Look for immediate signs. If they address you by a generic name i.e. "Dear Customer" that is a usual give away.
If you spot grammatical errors in the actual message, that is a dead give away.
No bank/financial institution will ask you to "re-enter" your password or your account information. It is very unlikely that they any such site will have such poor security measures as to ask you to enter your credentials. Now they are getting more clever and asking you to call a "number" where you will be asked to enter your credentials or card number. Again, this is an attempt for to get you to volunteer your information to the culprit. One easy way to find out if the number listed is legitament or not, is to google the number and see if others have reported it as a phishing attempt.
Another flag is when they have a link or an email link and if you "hover" your mouse over it at the bottom of your browser you can see the target of the link. If you see an odd address other than the proper one for the institution you think this is coming from, that is another dead give away. They may try using names/words that may be consistent with the name of the organization that is supposedly "sending you the message" but by viewing it carefully you will catch the error in their name. You can always search their name in search engines as well.
Seeing any one of these flaws is enough to tell you the email is a phishing attempt – but what if these errors aren’t present?
That is where a regular scan, maintenance update and routine check-up with one of our technicians is always the best way to go. Call us today to schedule for an appointment to make sure your anti-spyware/malware software is up to date and that you are protected. Any time you receive a suspicious message and you are not sure about clicking the content, feel free to contact one of our consultants for help.