Use these practices to avoid handing your personal information to a criminal.
Scam artists often go “phishing” for private information. They’ll send you an e-mail which appears to be from a legitimate source, like a bank or a government agency, give you a form or a link that looks authentic, and then ask you to provide personal information. Before you know it, you’re a victim!
Here’s what you can do to avoid taking the bait and falling prey to phishing scams.
Be suspicious of any e-mail asking for personal information. Phishing e-mails typically include upsetting or exciting language to get you to react without thinking, such as “Your password is about to expire—respond now.” They’ll ask you for usernames, passwords, credit card numbers, Social Security numbers, date of birth, or other personal information.
Be cautious about using the links in e-mails, instant message, or chat. If you suspect that the message you received is not authentic or if you don’t know the sender, do not use the links in the e-mail. Instead, call the company or type the website address directly into your browser.
Avoid completing and sending back e-mail forms if they ask for personal information. Instead, use a secure website, phone call, or an office visit to communicate with financial institutions and other organizations.
Double check the security of any website you use before you supply information. Phishers can forge two indicators of a secure site: the https:// and the yellow lock. Instead of using the provided link, always type the web address of your financial institution directly into your browser. To test the security lock, double-click the lock to display the security certificate for the site. If any type of warning displays, such as “the address of the site does not match the certificate,” do not continue.
Examine the address bar in your browser. For example, if a link directs you to PayPal, notice what the address bar displays. If you see something like http://www.scammedyou.com/paypal/login.htm? don’t continue.
DID YOU KNOW?
According to the Anti-Phishing WorkGroup (AWG), more than 65,000 phishing sites were detected in December 2015 alone.
Log on regularly to your online accounts. Make it a habit to log on regularly and check your accounts to verify that all transactions are legitimate.
While you can’t stop phishing attempts, you can refuse to take the bait. Exercise caution, verify your sources, and provide information only when you know you’re putting it into the right hands—those of organizations like ours who put privacy and security first.