Phishing is the act of posing as a trusted entity in an attempt to obtain sensitive information. In a typical phishing scam, phishers send out emails (often appearing to come from a legitimate or trusted source) in an attempt to lure users into providing the requested information.
To protect yourself against phishing, follow these basic guidelines:
- Be wary of emails asking for confidential information, especially passwords or anything of a financial nature. Legitimate organizations will never request sensitive information via email.
- Don’t allow yourself to be pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant via another method to confirm the authenticity of their request.
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them.
- Never submit confidential information via forms embedded within email messages.
- Never use links in an email to connect to a website. Instead, open a new browser window and type the URL directly into the address bar.