What is phishing?
Phishing (pronounced “fishing”) is a form of online scam where “phishers” attempt to gain customer account information such as user names, passwords, PINs (Personal Identification Numbers) or Social Security numbers. This is accomplished by creating official-looking emails with pop-ups or links that appear to be from your bank, online retailer or government agency. These deceptive communications are the tools the phishers use to attempt to gain your confidential information.
How does Phishing work?
These phony emails often use phrases such as “your account may have been compromised,” “your account is in violation,” “we need you to verify your account information” and other variations. These emails will then usually offer links where you can access your account to prevent adverse actions such as account closure or a freeze on an account’s assets. These links will then connect you to a site that will oftentimes look identical to the business site the email refers to. These sites, however, are forgeries created to trick users into logging into the sites with their genuine user ID and password. Once the phishers have obtained this information, they can then go to the real website and transfer, withdraw or redirect the funds to another location. Then when the customer logs into their account again (on the real business website), they are surprised to find all of their assets are gone. In addition to loss of funds, there can also be adverse credit affects which may take weeks or months to resolve.
How can I protect myself from Phishing attacks?
The most important thing to remember is that no reputable business will send you an email requesting your personal account information. Any email you receive asking for this information should be considered phony and brought to the attention of the business being phished.
Another way to further protect yourself is to keep your Operating System and Internet Browser software up to date. Phishers often use software vulnerabilities to further mask their deception on their fake websites.
Also, antivirus software can often detect methods used by phishers attempting to steal your information. But it is imperative that your antivirus software be updated as frequently as possible.
Finally, if you are unsure as to whether or not an email or message is legitimate, call the company directly. That way you can be sure that you are speaking with a representative of that company and that your personal information will not be compromised.