Don't Fall Victim to Phishing Scams

In today's increasingly technology-driven world, the Internet plays a large role in spreading information. Unfortunately, there are always people who are out to take advantage of others, and the Internet is no exception. Sly “cyber-criminals” misuse the Internet to carry out their criminal attacks. They set out to deceive users into revealing their sensitive information unknowingly, which can result in substantial financial loss.

These attacks — called phishing — are one of the most serious problems that a user can face on the Internet and they have been growing at an alarming rate. According to a report published by EMC Corporation, the total number of phishing attacks launched in 2012 was 59% higher than in 2011. The global financial loss from phishing attacks is estimated to be around $1.5 billion in 2012, representing a 22% increase from 2011.

What Is Phishing?

Phishing is a fraudulent act of deceiving users to acquire their sensitive personal information: usernames, passwords, social security numbers, bank account/credit card details, etc. Phishing attacks are usually carried out via fraudulent e-mails, fake websites and phone calls, malicious programs, rogue applications, etc.

How Can I Avoid Phishing Scams?

1. Guard against spam. Be especially cautious of emails that:
• Come from unrecognized senders.
• Ask you to confirm personal or financial information over the Internet and/or make urgent requests for this information. A legitimate organization — like your bank, or a major store — will never ask you to confirm a problem with your account via email.
• Aren’t personalized and try to upset you into acting quickly by threatening you with frightening information.
• Are poorly phrased or spelled. 9 times out of 10, if you receive an email in
broken English from someone you don’t know, it’s probably a scam.
2. Communicate personal information only via phone or secure websites. When conducting online transactions, look for a sign that the site is secure such as a lock icon on the browser’s status bar or a “https:” URL — where the “s” stands for “secure” — rather than a “http:”. Also, beware of phone phishing schemes. Do not divulge personal information over the phone unless you initiate the call. Be cautious of emails that ask you to call a phone number to update your account information as well.
3. Do not click on links, download files or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender. Take a minute to read and examine the whole email message before clicking any links.
4. Never email personal or financial information, even if you are close with the recipient. You never know who may gain access to your email account, or to the person’s account to whom you are emailing.
5. Beware of links in emails that ask for personal information, even if the email appears to come from an enterprise you do business with. Phishing web sites often copy the entire look of a legitimate web site, making it appear authentic. To be safe, call the legitimate enterprise first to see if they really sent that email to you. After all, businesses should not request personal information to be sent via email.
6. Beware of pop-ups. Never enter personal information in a pop-up screen. Do not click on links in a pop-up screen, do not copy web addresses into your browser from pop-ups. Legitimate enterprises should never ask you to submit personal information in pop-up screens, so don’t do it.
7. Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software. Do some research to ensure you are getting the most up-to-date software, and update them all regularly to ensure that you are blocking from new viruses and spyware.
8. Check your online accounts and bank statements regularly to ensure that no unauthorized transactions have been made.