How to avoid a phishing attack
Perhaps you have heard people talk about phishing, but you don’t really understand what it is. Simply put, phishing refers to the act of trying to get personal information under false pretenses. Phishers who initiate these attacks may try to get usernames, passwords, bank account information, credit card details, and more from their victims – ultimately resulting in identity theft.
Phishing attacks usually occur through an e-mail that looks like it’s from a legitimate source. The e-mail (or website or phone call) will appear to be coming from a place the victim recognizes, like their bank, credit card company, or even a social network site. Thinking the source is legitimate, the victim will then answer questions or enter information that gives the phishers their personal details.
The crude, poorly formatted phishing emails of a few years ago have largely been replaced with professionally designed phishing attacks that are hard to distinguish from legitimate messages without careful examination. Understanding that these types of attacks occur allows you to be on the lookout for them. Here are a few specific tips for recognizing a phishing attack:
- Legitimate businesses or financial institutions will rarely ask you for your personal information by e-mail.
- Phishers often use scare tactics and emotional language to intimidate their victims into responding. For example, “You need to respond now, or we will put your account on hold.”
- Phishing e-mails often have spelling and grammar mistakes. While reputable organizations proofread carefully, phishers do not.
- Links in phishing e-mails might be not quite right. For example, an O being replaced with a zero or additional text at the beginning or end. Before you click on a link, hover over the text to see where it is pointing.
If you think you’ve received an e-mail that’s an attempt to get your information, you could just delete it. However, if you’re concerned that it could be legitimate, your best option is to contact the company directly through other means. For example, if you receive an e-mail that looks like it’s from your bank, but you’re not sure, call the number on your statement. That way you’ll be sure the person on the other end is who they say they are.
It is better to be safe than sorry when it comes to your security.
Ray Wills is the security officer at F&M Trust.
Join our e-newsletter
Sign up for our e-newsletter to get new content each month.