We’ve made some helpful suggestions for finding the best antivirus protection for your devices, but some defenses require a bit more training. As one of the oldest scams in the book, phishing is still prevalent today, accounting for over $30 million stolen from defrauded people in just one year. This is our quick guide to make sure you know how to identify and protect yourself against phishing scams, something that antivirus programs might not even catch.
What is phishing?
Phishing (pronounced just like “fishing”) is defined as “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.” These are often masked as emails or even text messages from a utility company, bank, or government agencies. Most legitimate emails from these kinds of sources are often encrypted (you can tell by a locked padlock somewhere up in the subject line or web address of most emails and their clients) but phishing emails might already (but not always) be marked as unsecured.
How to recognize a phishing scam
While it may take a bit of practice, most scams are pretty obvious if you read the message: misspelled names, asking for verification of personal information they should already have on file, and password reset requests for accounts when you didn’t ask for a reset are all big red flags. Legitimate correspondence will often have reminders saying that the company or individual in question will never ask for certain types of personal information so to see them attempt to do so means you’re most likely dealing with a scam.
What to do if you suspect a phishing attack
First and foremost, WHATEVER YOU DO, DO NOT CLICK ON ANY LINKS OR OPEN ANY ATTACHMENTS. We cannot stress this enough. Phishing scams succeed by users unwittingly downloading malware, whether through an email attachment or through the link included in the email itself.
If the email comes from an unknown party (i.e. you don’t have an account with the bank they claim to be), it’s more than likely a phishing scam. If the email is from a party you know or do business with, contact that company or person directly to ensure the email is real. The same goes for any weird messages you get through social media with random links — ALWAYS ASK IF YOU’RE UNSURE AND DON’T CLICK UNTIL YOU ARE.
What if I accidentally clicked on a phishing link?
Update your device’s security software and run a scan. If you fear the safety of your personal information including your social security number, credit card, or bank accounts, contact IdentityTheft.gov immediately and make a claim. You should also report the phishing email or text message to the Federal Trade Commission for further review; you can do so via https://www.ftccomplaintassistant.gov.
Phishing may be scary but once you get used to identifying scams, it becomes a matter of common sense: don’t click on links you don’t trust, don’t download files that you’re uncertain of, and don’t hand out your personal information to people who don’t need it. With that and regular security updates and scans, you’re that much safer while enjoying the Internet.