MCC Daily Tribune Archive

Being mindful and observant can help you defend against Phishing Scams


One of the most prolific means for online scamming is phishing. If a scammer is able to gain your trust, they can leverage this trust to convince you to willingly give up information or click on malicious links or even open an attachment. Scammers will appear legitimate by spoofing the email address or creating a fake website with legitimate logos and even providing phone numbers to an illegitimate customer service center operated by the scammers. The following are several ways you can protect yourself from being a victim of a phishing scam.

Be Mindful

When it comes to phishing, the best line of defense is you. If you are mindful of potential phishing traps and observant of the telltale signs of a scam, you can better defend against a phishing attack. Here are some easy tips to protect yourself:

- Be cautious about all communications you receive, including those claiming to be from "trusted entities," and be careful when clicking links contained within those messages. If in doubt, do not click.

- Don't respond to any spam-type e-mails.

- Don't send your personal information via email. Legitimate businesses will not ask users to send their sensitive personal information through this means.

- Don't input your information in a pop-up; if you are interested in an offer that you see advertised in a pop-up ad, contact the retailer directly through its homepage, retail outlet or other legitimate contact methods.

Be Observant

Scammers rely on deception to entice users to willingly do what the phisher wants. Their deception is based upon resembling legitimate sites or trusted sources. These phishing scams can be very realistic and difficult to identify. However, there are some telltale signs that may indicate a phishing scam. By being observant of these, you can help minimize your risk of becoming a victim. Keep an eye out for these simple telltale signs of a phishing email:

1) The email has poor spelling or grammar.

2) The email asks for personal information.

3) You didn't initiate the action. For example, receiving an email message informing you that you had won a contest or the lottery.

4) The message contains a mismatched URL. One of the first things you should check in a suspicious email message is the integrity of any embedded URLs. Oftentimes the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the URL, you should see the actual hyperlinked address (in Outlook). If the hyperlinked address is different from the address that is displayed, the message is probably fraudulent or malicious.

5) The use of threats or incredible offers is a common tactic that tries to elicit an emotional response from the user.

6) The URL does not match that of the legitimate site. Scammers cannot use the same URL associated with the legitimate websites, so they will tweak the address of their spoofed website so that at a quick glance it looks legitimate.

7) The URL may use a different domain name (e.g., .com vs .net vs .edu).

8) The URL may use variations of the spelling of the actual address.

Donna Pogroszewski
Communications and Network Services
10/17/2016