Phishing is a method by which someone tries to lure you into revealing your valuable personal information, such as an account password or credit card number. The intent of this type of scam is to gain access to your user accounts or money—something we all want to avoid.
The problem we face today is that phishing scams are becoming more and more convincing. They look like authentic communications from people and organizations that we know and trust. No longer can we depend on finding misspelled words in a hastily written email or obvious mistakes on a fake website to know that something is amiss.
Phishing attacks are being carried out with far greater attention to detail. Emails and websites look surprisingly authentic, easily fooling the casual observer. But how can we tell the difference?
Fortunately, most phishing scams have some telltale signs that will give them away. Here’s what to look for and what to do:
- BE WARY of any request for your password, account number or other personal information, especially if the request is urgent and a web link is given for you to submit your information. This is the key signature of a phishing scam.
- DO NOT click on the imbedded link, even if you are curious. Sometimes, these links will take you to a fake website to harvest your information and sometimes they will infect your computer with malware.
- DO check with your trusted source (e.g., your bank, online retailer, IT department) to determine if the request is legitimate. Be sure to open a new browser window and type in the home address and navigate from there. Or simply give them a call on the phone.
For more information see Don’t be “Phooled” by Phishing Scams at http://www.ecu.edu/cs-itcs/itsecurity/Phishing-Scams.cfm.