Phishing is the act of attempting to obtain sensitive data, such as login credentials, credit card details and other forms of personal data, generally with the malicious intent.
It can sound intimidating and frightening, and the impact of becoming a victim of phishing scams can be significant. Fortunately, there are steps that you can take to protect yourself from these sorts of scams.
Examine the Content
Always be diligent in examining the content of any official-looking email that asks you to perform a particular action, such as logging in to a website or calling a “support” number. Emails that use generic greetings rather than your name or that contain numerous spelling and grammatical errors should be particularly suspect.
Check the Sender
Many phishing emails generally attempt to use official-looking names in the sender, but if you take a closer look at the sender information, you’ll often find unexpected or suspicious email addresses. Be especially wary of:
- Addresses from free services such as gmail or yahoo. Official businesses will not contact you using these types of email addresses.
- Addresses that attempt to appear official, but which do not match official institution domains. Potential examples: pay-pal.com or td-bank.net.
Be Wary of Urgency
Be wary of any emails that attempt to incite a sense of urgency—especially if you have not previously heard anything about the issue. Phishing schemes often attempt to use fear and urgency to pressure you into taking an action that you would not normally undertake.
Suspect Requests for Sensitive Data
Always be wary of any request for sensitive data. Remember that your bank or credit card provider already have your account numbers. Credible online services already have your login information. They should never ask you to supply these, especially not over email.
Trust Your Doubt
If you have any doubt about the authenticity of an email, trust your instincts. Contact the company or institution that seems to have contacted you. They should be able to help you determine the validity of the message.
Not Just Email Phishing
While email scams are the most popular form of phishing, we also recommend that you be wary of any form of contact that requests sensitive information. Apply these same principals to all forms of contact, and be especially wary of unexpected requests for information over text message (SMS), social media or instant messaging services.