Hot on the heels of our recent post about SSL certificates, I have read with interest another security story about the dangers of phishing.
In case you have not come across it before, phishing is defined as “the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication”.
A good example would be:
An email arrives in your inbox from your bank explaining there has been an issue with your account and that you need to log in to verify a couple of pieces of information. The email provides a link that directs you straight to a login screen.
The email looks trustworthy as it is well written and contains the bank’s logos and details. You follow the link provided, to a website which appears to be legitimate, and you enter the relevant details required without giving it a second thought.
Next thing you know, large sums are missing from your account and you have no idea why.
Avoiding becoming a victim of phishing is not too difficult; you just need to be vigilant when you receive emails asking for personal information.
Here are my top tips to avoid becoming a victim of phishing:
1. Read emails carefully – if they are full of grammatical errors or spelling mistakes, they should not be trusted.
2. If you have been asked to log into any online account, navigate to that website yourself – do not click any links provided.
3. Be aware that many banks will specify the kind of emails they will and will not send to you. Some even guarantee that they will never email you to ask you to login to your account.
4. Check the legitimacy of the site you navigate to by viewing the details of the SSL owner.
5. Use a web browser that provides anti-phishing support and which protects you from known fraudulent websites.
6. If in doubt, do not provide personal information and speak directly to the supposed source of the email.