Avoiding a Phishing Scam
What is email phishing?
Email phishing is when an attempt is made to fool an email user into giving out personal information - such as login credentials - typically at a fake website that is identical or almost identical to the legitimate website. Once this private information is entered into the phishing database, the individual behind the phishing operation will then attempt to spend money associated with the account, or to extract any funds linked to the account.
How do you know if you are being phished?
That is a good question, because most phishing emails resemble legitimate emails from reputable companies. Expert phishers use an almost perfect copy of an authentic message, so they can get their "foot in the door" with unaware victims.
There are several ways to identify if an email is a phishing scam:
First, use the tools provided by your email service. Hotmail, for example has a feature that allows reputable companies to send messages as a "trusted sender". This is shown in the Hotmail inbox as a green shield, with a check mark inside the shield.
In your email inbox, there may be many emails sent by a specific company, for example. Only the ones with a "Trusted Sender" shield are from the legitimate company. All of the rest are phishing emails. Since phishers do not have the ability to send emails with the trusted sender symbol, but they do have the capability of sending emails with attachments (indicated by a paperclip logo), and they can send emails as high priority (indicated by a red exclamation point.
In this case, the phisher attempts to create a diversity in the emails by making some of them high priority, with, for example, a red exclamation point. However, they are not any different from the other emails. All other emails could be fraudulent phishing emails.
Second, use common sense. .By using email headers, you can track the country of origin for these emails. In Hotmail, you can right click on a message received and "View message source". Then, copy the information provided in the window that opens after you clicked on view message source. Paste this information into an IP Address Detection Script (which can be found online). This will locate the IP address of where the email originated from. From there, you can use an IP address tracking program to trace the country of origin. Using common sense will tell you that if the country of origin is not the U.S. for a specific sender, then most likely the email you received is not a legitimate email.
Third, understand how phishing scams work. By knowing how phishers get your personal information, you are able to better protect yourself. Please note: Most companies will not ask you for your personal information in an email. If a company you do business with asks for your personal credentials, call them on the number you have written down on a document they have provided when you first set up your account. Never call any numbers contained within an email. Phishing scams will attempt to redirect an unsuspecting person to call, or email personal information to a fraudulent representative. The most common way this scam works is by providing a phone number or an email or fake website that is different from the legitimate version.
Many emails you receive will look very real. They will appear to read exactly like a legitimate email from a reputable source. However, if you hover your mouse over the links in an email, the redirected URL is not the same as what you see. The redirecting link may be similar, but it actually is the site where they ask for you to login to your account. At that point, if you enter your personal credentials, they have what they need to gain access to your account. Know how phishing scams work, so you can better protect yourself.
By using the tools provided by your email service, using common sense, and understanding how phishing scams work, you will successfully protect yourself from phishing email scams. So remember: Never give out your personal login information or credentials to anyone online. This piece of advice will keep you safe, and protect you online.