What Is Phishing?
Phishing (pronounced like fishing) is what online criminals do to try to trick you into giving them sensitive information to access your online banking or other financial website accounts.
They walk the walk and talk the talk to try to convince you that they are an actual, legitimate person trying to help you. They can try to look like your financial institution, a social network like Facebook or Twitter, or even Google or Microsoft.
What Do Phishing Websites Commonly Ask for?
It’s good to get into the habit of looking before you sign in on log-in screens online. Be wary of any message that asks for personal information or links to other websites that ask for personal information.
Commonly, phishing websites will as for at least two of the following items:
- User names and passwords
- Social Security numbers
- Bank account numbers
- Personal Identification Numbers (PIN)
- Full credit card numbers, including expiration date and security code
- Your mother’s maiden name (Commonly used to reset passwords)
- Your birthday (Commonly used to reset passwords)
What Are Search Engines Doing to Protect Me from Phishing?
Google and other search providers scans for phishing websites at least 3 million times every day. They remove those fake internet sites and scams from showing up in your search results.
How Can I Protect Myself from Phishing?
- Never reply to suspicious emails, tweets, posts to your Facebook feed, direct messages, or other similar items. These may be linked to even more malicious websites that will also infect your computer. If a link you clicked on takes you to a log-in screen, think twice about putting your information in there.
- Never enter your password into a website after following a suspicious link. If you are unsure if the link you followed is good or not, go to the actual website you were trying to log into from your bookmark or by typing the website name into the address bar.
- Never email your password or banking information to anyone, even yourself.
- Only enter your account information if you are 110% certain you are on the real website. To be 110% certain, you can check the address at the top of your web browser. Fake website addresses can look a lot like real website addresses. Take, for example, this fake address: www.goog.le.com. Do you see the extra period in the address? That’s how you know it’s not real.
- Make sure you install web browser updates as soon as possible. These updates allow your browser to warn you if you go to a website that is suspected of phishing. Google’s Safe Browsing API is used by Firefox, Safari and Chrome to help protect you from those pages.
- Many email providers allow you to report suspicious email and phishing scams. Reporting those messages can prevent the individual from sending you further emails, and it also helps the email provider write better coding to stop similar messages from getting through to your email in the first place.
Have you ever been caught in a phishing scam? What did you do to protect yourself in the future?