The numbers don’t lie: phishing scams are on the rise. Not only that, but they have also become much more sophisticated. Even security professionals have been fooled into taking the bait.
Fortunately, users like you and me can stay safe from phishing scams. Take these tips to heart the next time you go through your email, and you can avoid becoming a victim of this kind of cyber crime:
Be wary of shortened links
Cyber criminals often use shortened links to direct unsuspecting users to a fake site that may be infested with malware. The next time you see one on social media, a website, or in your e-mail, do a quick inspection of the link before clicking.
If you see a sketchy link in an email, hover your mouse over it to see whether the address that pops up matches the one that appears in the text. Be very cautious when the two don’t match.
Be skeptical at all times
Unless you’re absolutely sure that a message is a legit one from a company you’re affiliated with, assume that it’s not. Your best bet is to err on the side of caution every time to avoid phishing scams.
To be sure that an email is legitimate, log in to your account. A message may often be sent to your account when there’s something wrong with it. But do so ONLY after closing your email client and restarting your browser. There have been cases where attackers send malicious scripts or redirect users to a different site when they click on legit-looking emails.
Reread any suspicious email
Most phishing scams make themselves fairly obvious in e-mails. You’ll easily notice that they’re filled with typos, exclamation marks, and words written in capitals (for emphasis). They may even have an impersonal greeting (e.g. “Dear Sir/Madam” or “Dear Customer” salutations).
These intentional mistakes often help cyber felons bypass spam filters, bait the “smart” recipients, or improve responses. However, you know better than to fall for unpolished business correspondence.
Get a browser that protects you from phishing scams
The latest-generation Firefox, Internet Explorer, Chrome, and other web browsers now come with built-in protection from phishing scams. To be doubly safe as you go surfing, though, use any of the most secure web browsers today.
These browsers often analyze websites and compare them against suspected or known phishing sites. Consequently, they warn you when you’re visiting one that may be malicious or shady.
Watch out for deadlines and threats
Threats and signs of urgency coming from what claims to be a legit company may often be a tell-tale sign of phishing scams. Those threats include notices that your account may be closed for some reason or a message about you incurring a fine.
Ignore these scare tactics entirely. Contact the company in question separately through trusted and known channels to be sure you’re not missing anything.
Verify account concerns the traditional way
Instead of replying to everything by email, why not pick up the phone and give a company a ring? Responding with your personal details on email poses a bigger risk compared to calling customer service. It’s among the few instances when doing it the old-fashioned way is the better choice.
Once you get a company representative on the line, verify the content of the suspicious email to know if there’s truly any problem with the account. If there’s no problem whatsoever, it’s in your best interest to report the phishing scam to them.
Be on the lookout for HTTP
Use a secure website whenever you’re browsing or submitting sensitive information (e.g. credit card details) online. Simply look for the lock icon in the browser’s address bar along with “https://”. Those two indicate that you’re on a private and secure portal.
Also, never use public Wi-Fi for shopping, banking, or submitting personal info. It may be convenient (and free), but you’re more vulnerable to hackers, snoopers, and phishers that way. If you’re on the go, a safe alternative would be to use your mobile device’s 3G/4G or LTE connection.
Exercise logic while you’re online
Email may be a convenient way to communicate, but banks and any legitimate organization WILL NEVER request sensitive information through this channel. Keep that in mind the next time you see PayPal or financial organizations warning you about fines, account disqualification, etc.
Another thing to remember is to NEVER download files, click on links, or open attachments in emails or social media no matter how legit the message may seem.
Report any suspicious activities and phishing scams to authorities
Although you’re free to just send them right to the trash, phishing scams or suspicious emails are better off reported to authorities. Phishing operations may continue for as long as they stay under the radar, so your cooperation could save others.
Report any shady emails to both your ISP and the Federal Trade Commission (FTC) at www.ftc.gov.
Phishers and cyber criminals have been having a field day all year. While they have technology and cunning on their side, netizens like you and me can keep them at bay simply by remaining smart and vigilant against their relentless schemes.
To protect yourself better on the web, get to know some common types of online fraud or learn how to avoid phishing scams on Facebook.