There are many dangers lurking on the internet, and the masterminds of the dark web spare no one when trying to find data and personal information that can be exploited. One of the most common threats is a phishing scam, a ploy in which a fraudster is fishing to gain access to your personal information.
Through fake emails or fake webs site that look like some of the more trusted companies like PayPal or eBay, they trap people in sharing their information. Most of the schemes will try to trick you into giving your user name and password so they can gain access to the account online.
Once they have the information, they will commit identity theft. They empty your bank accounts, hack into your emails, make purchases with your credit cards, and lock you out of your online accounts by changing the passwords.
To Trust or Not to Trust?
It can be difficult to tell the difference between legitimate senders or websites and those that are intent on doing no good. The first sign of potential trouble is receiving an email or instant message from someone that you don’t know. If the information is directing you to sign in to a website and the message includes a hyperlink, it could be a sign that a phishing scheme is underway.
Spoofed sites (also known as phishing websites) will trick you into thinking you have reached a legitimate website, and the design, colors, fonts, and other information are remarkably similar. However, inputting your login information gives them access to your account on the real site. It is really easy to make this mistake, as phishers are becoming more advanced in their replication techniques.
You may not even realize your data has been compromised until its too late. While relying on a credit management tool can keep you aware of any suspicious activity on your credit accounts, knowing how to spot phishing schemes can prevent this headache.
The Signs of a Phishing Email
1. Unrecognized Sender That Seems Official.
Many times a fraudster will create a free email address that looks similar to a company’s name or official email address. These can be confusing but look at the home location. If you don’t recognize the sender and account seems too coincidental, you can always check the address against the home location it is pretending to be associated with.
2. Generic Customer Greeting.
A phishing scheme sends out thousands of emails at a time, and the greeting or salutation line will be generic. Be wary of emails that begin with “Dear Valued Member” or “Dear Customer.”
Communication from a legitimate account holder will often have the last few digits of your account number to validate the connection. When in doubt, always make a phone call and verify if a company has been trying to get in touch with you.
3. Urgent Action Request or Required.
Many times a fraudster will try to urge you into action by sensationalizing their material with a deadline or an urgent call to action. These prompts are designed to elicit knee-jerk or emotionally-driven responses that don’t logically think through the response or legitimacy of the claims. You will see this a lot with debt management or vehicle warranty fraudsters.
4. Fake Website Links.
As mentioned, sending emails that contain links to bogus websites are some of the most common ways phishing scams take place. Logos can be an easy thing to mimic, so the fake might be convincing. You need to look more closely at the website address.
It might be the right company name, but there location or domain where the site is hosted may be wrong. At first glance, the URL may look right, but there could be an extra forward slash or underscore in the name. Additionally, many browsers will include a sign of a secure link, such as an icon of a padlock in front of the URL.
If you ever see a URL without the padlock icon, take great care before entering any personal or financial information. There may also be spelling errors, inferior graphics or poor grammar on a spoofed site. It does take an extra moment to ensure your data is safe, but caution is worth the investment.
5. Private Information Requests.
Phishing schemes don’t work unless the fraudster gets to access your personal information, and sometimes the tactic is to brazenly ask for your info. A legitimate company won’t ask you to verify your information in an unsolicited email, nor will it have you provide your confidential information through an email.
You will often be directed to call the company directly or access your online account for a secure transaction. The phishing email may also have an attachment that contains a virus or malware to infect your device and transmit the data back to the phisher.
Signs of a Phishing Website
As cybercrime continues to grow, it becomes much harder to stay alert to discrepancies. The adjustments to URLs or company names are sneaky, often not being recognized until you have entered the data the phisher is looking for. Some of the most common Web address mistakes are using a number 1 rather than a number l in an address, a character or symbol placed before or after the company name, a common misspelling of the company’s name.
A URL may also be missing the forward slash (/) or the “s” in the HTTP address portal. Phishing websites are also infamous for the pop-up windows that immediately asks for your password and username. The scam might be to direct you to a legitimate website but use the pop-up to hack your information.
Be Safe Rather Than Sorry
Using a browser that offers an anti-phishing detection can help steer you clear of phishing sites. Using a fake password on a site that doesn’t feel right is another way to keep a fraudster off your trail. A fake password that appears to let you into the site is a sign that the website is fraudulent.
Always checking the browser bar for the sign of the locked padlock can be helpful in assessing the legitimacy of the site, although this isn’t a foolproof method. Use common sense and extreme caution whenever you input your confidential data online.