Being the victim of a phishing scam is a scary thought; no one wants their identity stolen. How can you learn to differentiate between legitimate emails and scams?
You’re probably wondering where it gets that weird name in the first place. As the Webopedia Computer Dictionary says at the end of its definition of “phishing”:
Phishing, also known as spoofing or carding, is a variation of “fishing,” the idea being that the bait is thrown in the hope that while most will ignore it, some will be tempted to bite.
Wikipedia.org, however, goes into a bit more detail about how and why phishing scams work:
In computing, phishing (also known as carding and spoofing) is a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card data, by posing as a trusted person or company in an apparently official electronic communication. , such as an email or an instant message. The term phishing stems from the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords.
Some of the most common phishing scams are PayPal and eBay; By now, everyone should know that any email purporting to come from these two companies and requiring you to log in via a link in the email is anything but legitimate. But what about the ones that come from your specific credit card company, bank, or other company you do business with?
There is one piece of advice I can give you, one thing you can always remember when trying to decide if an email is fake or legit: you can be sure that businesses, financial institutions and credit companies will NEVER ask you for your account information. via email!!
That bears repeating and clarifying further: ANY EMAIL THAT REQUIRES YOU TO “LOG IN” FROM THE EMAIL, THEREFORE HAVING TO TYPE YOUR ACCOUNT NAME AND/OR PASSWORD, IS NOT LEGITIMATE!
If you have any doubts about whether the email in front of you is real and you’re concerned that your account may be suspended or terminated (as many of them threaten to do to “scare” you into revealing your information), open a new window browser and type the company/institution URL in the URL bar. Go directly to the site; never click on the links provided in the email. You can also call the company/institution in question and ask if there is a problem with your account and if they have tried to contact you.
Even for a seasoned veteran like me, fake emails are very hard to spot. Take this great phishing intelligence test offered by MailFrontier. I got less than half correct, and I know what to look for!
Remember the simple rule of thumb given above (no clicking links in emails, companies won’t ask you for personal or account information via email) and you should be fine, even if (like me) you failed the test! phishing intelligence!
The best protection -always- is to be informed. Learn as much as you can about phishing and pharming – stay on top of the latest attacks and the most common fake emails in circulation. And, always be careful giving out our personal and account information online!
From homecomputersafety.com