How to Protect Yourself from Phishing Scams
Determine if the nature of the correspondence is suspicious., Review suspicious emails and text messages for spelling and punctuation errors., Call the organization directly to verify the inquiry., Examine the website links and logos in suspicious...
Step-by-Step Guide
-
Step 1: Determine if the nature of the correspondence is suspicious.
The subject content of the email, phone call, or text message will often help you determine if the message is legitimate.
Phishing correspondences will usually ask you for sensitive, personal information that the organization should already have.
For example, if your bank sends you an email asking you to provide them with your bank account and routing number, it may be a phishing scam.
In some cases, phishing correspondence may be written to induce panic or assume a threatening tone designed to make you act immediately and provide your personal information. -
Step 2: Review suspicious emails and text messages for spelling and punctuation errors.
In most cases, phishing scams are not proofread before they are sent and contain multiple errors.
If the email or text message is coming from a major business or corporation, it is unlikely that spelling and punctuation errors will be published without review by an editor. , This will allow you to determine if the correspondence you received is legitimate or a phishing scam.
Mention to the organization that you received suspicious correspondence and you need to clarify its authenticity.
The organization may also take further action on their end if it is a phishing scam.
If you were left with a voice mail or automated message providing you with a phone number to call, verify that the phone number matches with the phone number in your records for that organization. , In some cases, links and logos are masked to look legitimate but may take you to a different website or cause you to download malicious files.
Hover your cursor over the link or business logo within your email.
A small pop-up bar that displays the true website address will appear below the link embedded within the email.
Refrain from clicking or visiting any unfamiliar links that end with an "exe" extension. "Exe" links may cause you to download malicious software, spyware, or other programs that can steal your personal information. , Sometimes, phishing scams will display email addresses that resemble authentic company email addresses, but vary slightly enough to trick you.
For example, if the email address for a business ends in "company.com," a phishing scam may use a variation such as "trusted.company.com" to trick you. , This may prevent any personal information you enter from being seen or stolen by malicious entities.
Look at the address bar of the website you are visiting to determine if the site begins with "] rather than "The "] part of the web address indicates that the website is secure.
A yellow padlock icon displayed toward the bottom of your web session can also help you determine a website's security.
Double-click on the padlock icon to verify that a security certificate displays on the screen, as some websites will display just a graphic of a padlock to be malicious. , This will allow you to see if any unauthorized charges or purchases have been made with your account, indicating that you may be the victim of a phishing scam.
If you notice any unauthorized activity in your bank account or on credit cards, notify your local authorities and your financial organizations immediately.
This may prevent the cybercriminals behind the phishing scam from continuing to use your information. -
Step 3: Call the organization directly to verify the inquiry.
-
Step 4: Examine the website links and logos in suspicious emails you receive.
-
Step 5: Examine the email address of the entity that sent you the email.
-
Step 6: Provide your personal information only to websites that are secure.
-
Step 7: Review your bank statements regularly.
Detailed Guide
The subject content of the email, phone call, or text message will often help you determine if the message is legitimate.
Phishing correspondences will usually ask you for sensitive, personal information that the organization should already have.
For example, if your bank sends you an email asking you to provide them with your bank account and routing number, it may be a phishing scam.
In some cases, phishing correspondence may be written to induce panic or assume a threatening tone designed to make you act immediately and provide your personal information.
In most cases, phishing scams are not proofread before they are sent and contain multiple errors.
If the email or text message is coming from a major business or corporation, it is unlikely that spelling and punctuation errors will be published without review by an editor. , This will allow you to determine if the correspondence you received is legitimate or a phishing scam.
Mention to the organization that you received suspicious correspondence and you need to clarify its authenticity.
The organization may also take further action on their end if it is a phishing scam.
If you were left with a voice mail or automated message providing you with a phone number to call, verify that the phone number matches with the phone number in your records for that organization. , In some cases, links and logos are masked to look legitimate but may take you to a different website or cause you to download malicious files.
Hover your cursor over the link or business logo within your email.
A small pop-up bar that displays the true website address will appear below the link embedded within the email.
Refrain from clicking or visiting any unfamiliar links that end with an "exe" extension. "Exe" links may cause you to download malicious software, spyware, or other programs that can steal your personal information. , Sometimes, phishing scams will display email addresses that resemble authentic company email addresses, but vary slightly enough to trick you.
For example, if the email address for a business ends in "company.com," a phishing scam may use a variation such as "trusted.company.com" to trick you. , This may prevent any personal information you enter from being seen or stolen by malicious entities.
Look at the address bar of the website you are visiting to determine if the site begins with "] rather than "The "] part of the web address indicates that the website is secure.
A yellow padlock icon displayed toward the bottom of your web session can also help you determine a website's security.
Double-click on the padlock icon to verify that a security certificate displays on the screen, as some websites will display just a graphic of a padlock to be malicious. , This will allow you to see if any unauthorized charges or purchases have been made with your account, indicating that you may be the victim of a phishing scam.
If you notice any unauthorized activity in your bank account or on credit cards, notify your local authorities and your financial organizations immediately.
This may prevent the cybercriminals behind the phishing scam from continuing to use your information.
About the Author
Joseph Brown
Specializes in breaking down complex practical skills topics into simple steps.
Rate This Guide
How helpful was this guide? Click to rate: