What it is:
Phishing is an email scam that asks you to verify personal information using replicas of existing web pages.
What it does:
Since the pages appear to be legitimate, many people are deceived into entering personal, financial or password data. Phishing scams often try scaring you into action by threatening to close accounts if you don’t respond.
How to protect yourself:
If you are suspicious of phishing based on the sender or subject details, don’t open the message. If you do open it, do not open attachments or click links and don’t respond if prompted to verify your information. Updating your virus protection software and your computer operating system also will be helpful against these scams.
Common phishing scams:
The Federal Trade Commission (FTC) gives these examples of phishing messages:
- “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
- “During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
- “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
Click here to read more about what the FTC advises to avoid phishing.
Also be aware:
There is a second type of phishing known as “spear phishing” where a user receives a fake email from a hacker posing as a colleague or friend. The email contains a dirty link or file corrupt with malware. If you receive an email from someone you know that seems out of the ordinary (misspellings when there typically aren’t any, they are not making sense, they make an unusual request, etc.) or an email containing only a link, do not open it or respond. In this type of scam, the fake email may even appear as the exact email you typically receive from this person.