What is Phishing?
Answer: “Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware.”
You’ve probably received an email requesting you to log into an account to verify a password or account information. If you check your SPAM folder you probably have a few in there right now. As a veteran in the financial services industry, financial institutions, of any kind, will never ask you through email, tweet, Facebook or any other social media to verify your account information.
Phishing schemes can get pretty complicated. They might create similar email addresses and copy entire websites all in an effort to dupe you into entering your personal information.
Phishing can lead to a pounding headache and extreme frustration. Additionally, being a victim of a phishing scheme could cost you time and money.
Image Source: Federal Trade Commission
4 Ways to Protect Yourself from Phishing Attempts
1. Verify the email address. Don’t click on links or download information from unknown addresses. Scammers are pretty good at masking email addresses as well. Look at the email address to verify it came from a legitimate source. Look for misspellings or foreign extensions.
For example: Accounts@BnkofAmerica.com.au. This example shows a missing “a” and an Australian domain extension.
2. Don’t click on links within email or pop-up screens. The best practice is to open up a separate browser and type in the URL yourself. Unsure of the URL? Give your credit union or bank a call or use google search to confirm. Avoid entering any information on pop-up screens.
I’ve made it a habit to always check for proper spelling of URLs and have bookmarked the companies I deal with for easier access.
3. Be mindful of social media requests. Never give out personal information through social network. Social networks are a great medium to collaborate but can also be misused by criminals.
Companies that have your sensitive personal information will never ask you to verify your account through such a public setting.
4. Communicate verbally or through secured chat. When giving out information make sure you’ve initiated the contact. Give your personal information over the telephone or through secured online chats.
Always keep in mind that there is no need to verify your accounts via a request from the financial companies. What tends to happen is that you’ll need to verify your identity when you initiate the call or request. It’s not the other way around.