- Step 1: Be suspicious Ignore any email or text message that asks you to reveal sensitive information, like bank account numbers, a password, or your social security number. A legitimate company already has this information and wouldn't ask you to update it or verify it via email.
- Step 2: Be leery of links and phone numbers Don't click on any links within an email; it may lead you to a bogus website that looks like the real thing. If you want to check an account, open a new browser session and type in the URL of the company yourself, or use a bookmark you created. Do not cut and paste the link provided. Never call a phone number provided, either.
- TIP: Place your mouse cursor over any link embedded in a message that you think is suspicious; if you see an address that bears no relation to the organization that's supposedly contacting you, you've caught a phish.
- Step 3: Don't be pressured Don't be intimidated by messages warning you of dire consequences if you don't provide the requested information. Such scare tactics are the hallmarks of phishing scams.
- TIP: "Verify Your Account" and "If You Don't Respond Within 24 Hours Your Account Will Be Closed" are classic phishing come-ons.
- Step 4: Read carefully Read web addresses carefully. Cybercriminals often use misspellings of company names to fool people, a practice known as "typosquatting" or "cybersquatting."
- Step 5: Don't get speared Never assume an email is legitimate just because it appears to be from a firm you do business with. Cyber thieves often target a company's customers, a practice known as "spear phishing."
- Step 6: Report phishing immediately If you think you may have been tricked into giving your personal financial information to a phisher, contact your bank and credit card company immediately. You can also file a complaint with the Federal Trade Commission at "ftc.gov":http://ftc.gov/.
- FACT: Mobile users are 3 times more likely to fall for phishing scams than PC users, according to one study.
You Will Need
- Healthy skepticism
- Careful reading
- Mouse test (optional)