Avoid being Hooked by a Phishing Scam

October 08, 2018

The email from your bank looked so convincing! The logo was right. The colors were right. Even the linked URL seemed legitimate. You never suspected that this official-looking email would leave you with drained bank accounts.

Phishing—the act of luring you into a damaging scam through the use of counterfeit email and websites—has been around for more than ten years.

Phishers can impersonate any organization—your bank, credit card company, retailers, even your university. But, with a little caution and elevated awareness, you can avoid becoming a victim. These warning signs and tips are excellent starting points.

  • Limit what you share online. The less you share about yourself, the smaller the target you are for a phishing attack. Cybercriminals use information you post online to lull your suspicions.

  • Protect your credentials. No legitimate company or organization will ask for your username and password or other personal information via email. Your school definitely won't. Still not sure if the email is a phish? Forward the suspicious email to [email protected].

  • Confirm identities. Cybercriminals steal organization and company identities, including logos and URLs that are similar to the links they're trying to imitate. To protect yourself, never click on a link provided in an email. If the email claims to come from a company you already deal with, use your own bookmarked link or search their site online to be sure you are going to the real thing.

  • Watch out for minor errorsMany phishing attacks originate outside the United States, written by people for whom English is a second language. This sometimes results in misspellings, awkward phrases, or just plain bad grammar. Be suspicious if you see any of these signs.

  • Who sent it?  Check the sender's email address. Any correspondence from an organization should come from an organizational email address.

  • Beware of attachments. Email attachments are the most common vector for malicious software. When you receive an unexpected message with an attachment, delete it.

  • Beware of all links. A common scam is to send you a fake invoice for downloaded books, music, etc. The emails instruct you to click on a link if you didn’t order that merchandise or service. If you do, they will gain access to your computer. It is so tempting to say, “No, I never ordered that!” Don’t give in. Just ignore and forward it to [email protected]

It is hard to be constantly on guard against phishing attacks but following these suggestions and staying alert to the warning signs can go a long way to protecting yourself.