One of the more common scams targeting consumers today is a phishing scam. Despite their notoriety however, many people are unfamiliar with what they are. Phishing is an attempt to gain your personal or sensitive information via deception on a virtual interface. This article will let you know how to spot them and how to stay safe from an attack.
To spot a phishing attempt, it is first important to recognize the variety of forms they can take. The following is a list of the various forms of phishing:
- A classic phishing attempt is just a plain and untailored attempt to get information. The “Nigerian Prince” scam is one of these. They are relatively crude and their success rate has been decreasing in recent years as consumers wise up. They often take the form of an e-mail.
- Spear phishing is an individualized attempt to gain access to your information. An e-mail or web page is tailored to your specifics, such as your bank account, address, or other information in order to seem more believable.
- Clone phishing is when a specific web page or e-mail is duplicated to appear like the real thing. Often, link manipulation will be used and a “mirror page” will be set up in order to deceive the consumer.
- A mal-ware based phishing attempt refers to scams where malicious software is snuck into a user’s PC or Mac and information is relayed via the software. There needs to be some sort of introduction to get the mal-ware into your computer, which can take many forms.
- Key-loggers track keyboard input. Whenever you go to a web page to enter account information, a password, or other sensitive information, the keystrokes will be tracked and relayed to hackers. These are often done on public computers or through mal-ware.
- Man in the middle phishing attempts involve a compromised data access point, ranging from cell towers to Wifi routers. All data that passes through the compromised point is filtered and analyzed for useful sensitive information.
Now that you have an idea about the types of phishing attempts, here is some helpful information regarding how to spot and protect yourself against them:
- Use “https sites” or other forms of encryption. There are abundant resources out there to help get you started with this.
- Be wary of any suspicious links, especially in your email. This is the primary way that malware gets onto your computer. Anytime you open a link or download something, make sure you know and trust the site it’s coming from. If an unknown source tries to upload an .exe, .zip, or other atypical file to your computer, delete it before opening.
- Think twice before providing any confidential information, including passwords, SSN, and anything else that may be useful for hackers to access your sensitive information. This can range from checking account information to all the way to seemingly innocuous information like your mother’s maiden name or your elementary school.
- Use a spam filter in your e-mail. You may filter out useful e-mails periodically, but you can always view your spam folder and mark these as “not spam.” The majority of filtered e-mail will be junk mail or phishing attempts anyway.
- Always check the URL of a site. A common way for hackers to initiate a clone phishing attempt is with a “mirror page” that looks identical to a legitimate web page, with the only difference being the URL is off.
- If in doubt, contact the institution in question via phone before filling out a form
- Avoid public computers and unsecured WiFi entirely when accessing important accounts like online banking or an e-mail account containing sensitive information.