How do I avoid a phishing scam? - Article 269
- Always be suspicious of e-mails asking for sensitive information.
Remember that e-mail is not a secure form of communication. Organizations you do business with already know your account information and will never request it from you in an e-mail. Phishers will usually include false statements that are designed to increase urgency and try to make you give up your information more quickly, such as "Your account is going to be terminated unless you respond immediately."
- Never respond to an e-mail request for personal information.
Always err on the side of caution. Look at the “From:” field in the e-mail. If the organization name does not match the “Reply To:” organization name, the message is probably spoofed (falsified). For example, a message from a local credit union or bank would not have a reply e-mail address ending in "yahoo.com". If you ever need to provide personal information like a credit card number, make sure you are using a secure, trusted web site or, if on a phone call, be sure your are the one that initiated the call to the company and not the other way around.
- Never follow the links in an e-mail you suspect might be phishing.
If you unsure about a link to a site you receive in an e-mail, “hover” your cursor over it. If the link text in the e-mail doesn't match the link address, do NOT click it. Log directly onto the company’s web site or call the company. Most companies will know if there is a phishing scam involving their company and be able to verify if the information in the e-mail is real or not.
- Consider installing a toolbar that blocks scam sites.
Some browser tools are available that can alert you if you are accessing a page that is a known fraudulent phisher or block the site altogether. Perform and Internet search for "phishing toolbar blocker" for different tools and options.
- Always make sure your operating system, antivirus software, and browser are up to date.
Some scams use viruses or holes in the security of operating systems like Windows and browsers like Internet Explorer. You should always make sure you have the latest security updates installed on your computer. The ITS Help Desk Security Center has more information on not only how you can keep your computer and data protected but examples on current and past scams.
- More information about phishing and how to avoid phishing scams can be found here: http://education.apwg.org/r/en/index.htm.