Phishing scams are everywhere and are growing at an astounding pace. According to Webopedia.com the definition of phishing is “the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.”
The most common form of phishing is an email that requests for you to verify, update or confirm something for an account. Oftentimes, the email is accompanied by an official logo of a company with all links contained in the email looking like they are from the official company.
The email will request for information like your login name, password or even your social security number. Emails with such requests should never be taken seriously, companies and financial institutions would never request such information via email.
So, how do you distinguish an email from an illegitimate source from an email from a verified, official source?
1.Let’s face it, sometimes scammers aren’t the “brightest crayons in the box,” therefore spelling and grammar errors often occur in phishing emails.
2. If an email asks for usernames, passwords or other sensitive information, chances are, the email is phishing. Companies will never ask for sensitive information like this via email.
3. Check the links in the email. Scroll your mouse pointer of the links in the emails, but be careful not to click them. Notice in the bottom gray bar of your browser that it will have a link. This link is where the link will actually go to. Just because the link says www.ourcompany.com does NOT mean it will be directed there. You can also do the same thing for images that act like links, again, just be careful not to click on the before you know if the email is phishing or not. No matter how legit links look, ALWAYS type the link directly into your web browser.
4. After typing the link into your browser, if the page that requests for you to log in or enter other sensitive information, be sure that the page is a secure page. You can verify this by confirming that the address in the address bar has an https, not just http.
In the unfortunate case that you happen to fall victim to a phishing scam and have given away your sensitive information, notify the companies that you have the accounts with ASAP. Also, even if you do not fall victim to a phishing email, contact the company immediately and let them know that you have received a fraudulent email. Many companies have areas on their website where you can submit the claim to, or an email address that you can forward the email to.
No-IP Managed Mail offers superb protection against spam and phishing attempts with our acclaimed spam engine and extensive RBL lists. We even have our No-IP Anti-SPAM ECR which takes your spam protection one step further by requiring unauthorized senders of email to respond to an authorization email.
Questions or comments about phishing? Leave them below!