Phishing is a scam where Internet fraudsters request personal information from users online. These requests are most commonly in the form of an email from an organization with which you may or may not do business. In many cases, the email has been made to look exactly like a legitimate organization’s email would appear complete with company logos and other convincing information. The email usually states that the company needs you to update your personal information or that your account is about to become inactive, all in an effort to get you to click the link to a site that only looks like the real thing.
If you click on the link to go to the phony website and enter all of your information, you’ve just been the victim of a phishing attack. The fraudsters have just captured all the necessary information to access your accounts online. No reputable business will ever email you requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers via a link to their site. Follow these guidelines to protect yourself from phishing scams:
Never click on a suspicious link
Suspicious links can be easy to spot. Any time a business or unknown contact is requesting that you provide them with personal information, avoid these links.
Pay close attention to the URL
The URL (Internet address) behind the link is another great way to catch a scammer. Often in phishing attempts, if you hover the cursor over the link, the true link destination has nothing to do with the actual company they claim to be.
Report any phishing attempts
If you are unsure that the request is valid, open a new Internet session and manually key in the business’ web address. If the business genuinely needs information from you, they will have you log in to your online account to see the request. In most cases, you’ll just be greeted with a message indicating that the business will never email you requesting personal information.