How Phishing Works and How to Avoid It


You may have a knack for fishing, but you never want to be a victim of phishing. Phishing is a cyber term for online theft, plain and simple; to be specific, online identity theft. Cybercriminals run this scam by sending out millions of fraudulent emails, hoping that someone, like any one of us, will take the bait. Like a lure on the hook of a fishing rod, these emails or links to websites appear to come from a person or an entity that is legitimate. You may well believe that these websites are legitimate because of their official-looking color schemes and logos. These emails often say that something appears to be wrong with your account (it could be a bank, credit card, or social networking account) and that you need to sign in immediately to resolve the problem. Signing in gives the scammer access to your account details, such as credit card numbers, passwords, or personal information. Don’t get hooked! So, how will you know if someone is phishing you?

How would you know a phishing mail when you see one?

Below is a good example of what an email message, designed for phishing, looks like:

Take note of the following suspicious content in the emails you receive:

  • Spelling and Bad Grammar – Check for spelling and/or grammatical errors within the email. Think about it: a professional and credible company normally has a staff of copy editors who proofread emails to make sure that the content coming from them is accurate and error-free. In case you didn’t know, these companies also do not allow a mass email like this to be sent to their users. If you see these symptoms in your email, then it must be coming from a cybercriminal.
  • Be mindful of the links in the email – If the email asks you to click a suspicious link, don’t click it right away. Inspect the link by hovering your mouse pointer over it (without clicking), and check whether the web address that appears matches the link shown in the message. The web address below is an example of what a bogus link looks like: hovering over the link reveals the real web address it will take you to once clicked. If you look at the image, the real address does not appear to be a company address. Some links may also lead you to executable (.exe) files, which can spread malicious software onto your computer.
  • Threatening Message – If the email threatens that your account will be blocked or deleted, don’t buy it. Cybercriminals widely use this modus operandi to get an immediate response from victims, urging them to click on the fraudulent link. If you do what the email asks, you become a victim, and the cybercriminal will have access to your account numbers, passwords, and other personal information.
  • Faking popular websites or companies – Do not be easily fooled by graphics or logos in emails that appear to represent a legitimate website but in reality only take you to a bogus site. Scam artists also use web addresses that imitate the names of well-known companies; if you check closely, the name turns out to be slightly altered.
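The link checks described in the list above (displayed address versus real target, links to .exe files, slightly altered company names) can also be automated. The following is an added example, not part of the original article; the trusted domain, the sample message, and the 0.85 similarity threshold are assumptions chosen for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"examplebank.com"}  # assumption: sites you actually have accounts with
# Constructed sample body; reserved example domains and addresses only.
SAMPLE = """<p>Your account will be blocked. Sign in now:</p>
<a href="http://198.51.100.7/verify">https://www.examplebank.com/login</a>
<a href="http://www.examp1ebank.com/login">Sign in</a>
<a href="http://files.example.net/statement.exe">View statement</a>
<a href="https://www.examplebank.com/help">www.examplebank.com/help</a>"""

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Lower-cased hostname of a URL or a bare 'www.site.com/path' string."""
    return (urlparse(value if "//" in value else "//" + value).hostname or "").lower()

def check_links(html, trusted=TRUSTED):
    """Return [(href, [reasons])] for each link in an HTML e-mail body."""
    parser = LinkCollector()
    parser.feed(html)
    report = []
    for href, text in parser.links:
        real, reasons = host_of(href), []
        shown = host_of(text) if re.match(r"(https?://|www\.)", text, re.I) else ""
        if shown and shown != real:
            reasons.append("text-mismatch")  # shown address is not the real target
        if urlparse(href).path.lower().endswith(".exe"):
            reasons.append("executable")
        base = ".".join(real.split(".")[-2:])  # naive: compare last two labels
        if any(base != t and SequenceMatcher(None, base, t).ratio() >= 0.85 for t in trusted):
            reasons.append("lookalike")  # slightly altered well-known name
        report.append((href, reasons))
    return report
```

Comparing only the last two labels of the hostname is deliberately simple and mishandles suffixes such as .co.uk; a mail filter would use the Public Suffix List for that step.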

What should you do if you think you’ve taken the bait?

If you think you’ve responded to a phishing or any type of scam email, and you have provided your personal or financial information, take the following actions to lessen the damage and protect your identity.

  1. Change your passwords and PINs on all your online accounts that could be compromised.
  2. Report a fraud alert to your bank to monitor and check your credit card and/or savings accounts that you think may have been compromised.
  3. Directly contact the bank or online merchant, and do not follow the link in the fraudulent email message.
  4. If you know of any accounts that appear to be accessed or opened illegally, immediately close those accounts.
  5. Closely monitor your bank and/or credit card accounts, and immediately report if there are any suspicious charges or inquiries that you did not make.
  6. Moving forward, use email programs that use filters to help block phishing scams, and keep your security software updated.
  7. Delete any suspicious emails and NEVER click on any link in the email, or enter any personal information into any window or into any pop-up window.
  8. Enable the security features of your email program(s) that will help you report possible phishing scams.

So the next time you are about to click on a link in one of your emails, stop, read it carefully, and be vigilant before you do anything. The Internet world is like a huge maze where you have to find the right and safest way around. Arm yourself with the right security tools to protect your property, your files, and your identity from all forms of cybercrooks.

