Phishing scams involve tricking people to reveal confidential data which can then be used for fraud. This includes getting usernames, passwords, credit card details, and other things.
Phishing has quickly become a huge problem and continues to become more sophisticated.
It's not all bad news, and the good news is that you can defend yourself against phishing attacks and you can learn how to avoid phishing scams.
Don't Share Confidential Information
Be very wary of emails and websites asking for confidential data. If something doesn't seem quite right, then you should be careful. For example, your bank will never send you an email and ask you to confirm your password and PIN for "security reasons". So treat such emails and websites as suspicious.
When you visit a secure website, you'll see that there is a padlock in the address bar of your browser. The website's address will also start with "https" instead of "http". If you don't see either of these things, do not enter any personal information as it will travel across the internet unencrypted and could be intercepted and read by anyone.
Even secure websites could be phishing scams. It costs less than $50 to buy an SSL certificate for a website and fraudsters may also use them to make their fraudulent websites look more credible.
Be careful with generic emails which start with "Hello friend" or "Sir/Madam". Most people from legitimate businesses who contact you will personalize emails and use your name and appropriate greetings.
Phishing emails are often littered with bad English. There are usually many spelling, grammar, and punctuation mistakes in phishing attempts. Emails asking for private information which contain a lot of mistakes should be treated as suspicious.
Fraudsters will try to lure you to a website where you can type your personal details. They may try to make the website look like your bank or another familiar website to try and trick you. Many anti-virus programs can detect these fraudulent websites and warn you before you visit the site. Some can also scan your emails before you open them.
Over the Phone
Fraudsters are always creating new ways to steal your personal information and some will even call you directly at your home. They may claim to be calling from your bank or another company and try to get you to reveal personal information over the phone.
One popular scam involves a caller pretending to be from Microsoft and there is a problem with your computer and they have called you to help you fix it. They will then try to trick you into installing some malware which can be used to log everything you type into your computer including usernames, passwords, and other sensitive information.
Never enter confidential information into forms which have been embedded into emails. People who send phishing emails are often able to track what you typed.
Don't use public Wi-Fi networks to access sensitive websites. Hackers can spoof websites and redirect you to a malicious website to steal your information. Only use private networks such as your home network or your mobile data to access your online bank accounts.
If you are the target of a phishing campaign, you should report it to the relevant authorities or the company concerned. If you receive a suspicious email from someone claiming to be from your bank, contact customer services and report it as they will be in the best position to investigate the suspicious email.
Phishing is a method used by cyber criminals to try and steal your personal data. This type of attack has become very popular in recent years and you should always be alert when asked for confidential information. Learn how to protect yourself from phishing attacks by identifying suspicious emails and websites.