Phishing is often a sophisticated email attempt to trick the recipient into first opening a fraudulent message and then revealing personal and financial information.
A phishing email usually arrives disguised as an email from a legitimate company or known person. Of course, the email is from one of the bad guys.
The bogus email might seek a payment and direct the user to a replica of a banking website, for example, or to a phony payment center of a utility company.
Phishing email also may be crafted strictly to lure a user to a malicious website, where malware would be installed through the user’s browser via an undetected download. The victim could then be monitored by a criminal enterprise in search of sensitive data.
Charity donations, online banking problems, or IRS inquiries are common themes in phishing scams.
Some Internet browsers have phishing and malware detection in their default settings, but not all. Don’t reply to or click links within texts, emails, or pop-up messages requesting personal information.
Some tips to help protect against phishing emails:
- Do not respond to any unsolicited e-mails of this nature.
- Do not click on any attachments associated with such emails, as they may contain viruses or malware.
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email.
- If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
- Don’t email personal or financial information. Email is not a secure method of transmitting personal information.
- If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”).
- Use anti-virus software such as VIPRE and keep your computer security up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.