Stealing your personal information and identityPhishing (pronounced as "fishing") is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity. Despite you securing your computer from other more obvious attacks, phishing is a sneaky way to steal your information.
It is not that easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.
Many of these people are professional criminals, out to phish your personal information and/or gain access to your money. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully.
When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving.
Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
How to spot and avoid phishing
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.
Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.
During the past few years, because of the phishing problem, many banks now do not include any direct links in emails they send out to their customers. Instead, they ask their clients to login to their account by typing the bank's URL address into the browser, rather than linking from email. This approach prevents a lot of phishing problems.
Despite this changed approach, unfortunately many ill-informed people still tend to get tricked into clicking from the phisher's email and thus fall victims to phishing. Always be alert and never click on any links in any email that might take you to banking or other important sites, which might contain your personal information. Even if such emails look very genuine.
Site last updated: 11. December 2018