Phishing typically is when someone sends you emails with “bad” links in them. When you click on these links you get redirected to a “fake” site which is an exact mirror of the official site. Here you are then prompted to submit some confidential information. This information that you provide is then used to log into your real account leaving you totally clueless as to what happened. You should be aware that companies rarely communicate via email if it is in relation with sensitive account information. If they do, it is typically in response to an email that you have sent them.
OK, so what exactly can I do to protect myself against identity thieves on the web?
- Simple, just do not be gullible. These guys strike when you least expect it, so always be on the lookout for suspicious looking emails.
- If you receive a suspicious mail, don’t fill out any forms requesting sensitive personal information. In fact, do not do anything. Verify whether the email is legitimate or not. Nowadays, most agencies or companies are listed on the web. Their contact information readily is available. With this information at hand you can verify whether or not any communications you received are legitimate.
- Don’t click on or save attachments that come with suspicious emails. Delete these files immediately. Alternatively, if you have a good anti-virus, scan the attachments first before opening.
- Update regularly. Windows posts updates almost daily, especially security patches. Make sure you have your settings set that you can download these automatically. I know it’s a pain and eats away at your bandwidth and RAM. But I like to think that it’s better to be safe than sorry!
- Even though you should never take action on suspicious sites or emails, be sure to watch out that the address bar starts with “HTTPS”. This means that the page is encrypted and should be secure. If there is no “HTTPS” then leave at once.