What is a phishing scam? Phishing is an activity where criminals use emails to pose as legitimate entities and “phish” for sensitive information, such as passwords or account information, and target unsuspecting recipients. Natural disasters, such as Hurricane Irene, usually bring about a spike in phishing scams in the guise of charitable donation requests for those affected by the disaster. High profile stories about targeted Gmail users have appeared on every major news outlet including Dateline NBC.
It’s hard to imagine falling victim to one of these scams until it’s too late. Countless people are affected by phishing each year. In an attempt to prevent your information from ending up in the wrong hands, we’ve put together five ways to detect a phishing attack and avoid compromising your sensitive information.
1. Use a spam filter that does a good job at blocking phishing emails as well as spam mails. If you use a good spam filter, most large-scale phishing attacks will be blocked and will never arrive in your inbox. However it is still possible that a phishing email might get through, or that you become the victim of a “spear” phishing attack, which means that you are individually targeted instead of mass targeted. In that case the following the tips will prevent you from falling for these attacks.
2. The URL in the email can be faked to look like a familiar URL. If an email is in any way suspicious, hit the Reply button, right-click on the link and select ‘Edit hyperlink’. In ‘Text to display’, you will see the link that you see in your email. In ‘Address’ the real destination URL is displayed. If this is not a legitimate URL, do not click on the link.
3. Proceed with caution: be aware that just by clicking on a link in an email, your computer could be infected by a virus.
4. If you think the email is legitimate and have clicked on a link in the email, always check the URL path in the browser before you enter any information. Is the URL going to the company website or is this a different website? For instance in the case of the US government officials who were victimized by a phishing attack, the page asked for Gmail login information. If you are on the Gmail site, the URL should start with www.gmail.com. If it does not, this is a warning sign. Do not enter your details and leave the site.
5. Be suspicious of emails that ask you to update your details and emails that are claiming action needs to be taken right away. If you think the email is being sent by your bank or another institution, it is better to go directly to the bank’s website, rather than clicking on the link. Or better yet, call the bank to find out if the email is legitimate.
The bottom line here is to protect your information online the same way you’d protect your wallet or purse in real life. You’d never hand over your bankcard to anyone. It’s the same principal online. Scrutinize the credentials of anyone asking for sensitive information. Know how your trusted banks and companies communicate in order to stay ahead of the curve on phishing scams. If something seems too easy or too good to be true, then it likely is. Deep discounts on products and sites that seem to be pushing a sense of urgency to buy a product should be red flags. Educate others who you think may be vulnerable. And most of all, when in doubt, simply don’t share your information.
About Deborah Galea: Deborah Galea is the co-founder and chief operating officer of Red Earth Software, a leading email management software company based in Boulder, Colo. Galea is an expert in the growing field of corporate email management solutions involving eDiscovery as well as the compliance issues impacting almost every vertical industry, including financial services, legal, healthcare, retail and government. She has extensive knowledge of the legal issues relating to corporate email usage and has worked in the Netherlands, the U.K., the United States and Cyprus. Follow us on Twitter @redearthsoft,"like" us on Facebook (News - Alert) and check out our website: www.policypatrol.com
TMCnet publishes expert commentary on various telecommunications, IT, call center, CRM and other technology-related topics. Are you an expert in one of these fields, and interested in having your perspective published on a site that gets several million unique visitors each month? Get in touch.
Edited by Juliana Kenny