5 ways to avoid becoming a phishing scam victim
07 OCT 2009Don’t be a victim of a phishing scamWith news that thousands of Hotmail, Yahoo, Google and AOL email accounts have had their log in details and passwords posted to a website due to a phishing scam, and the risk spreading away from email into our social networks, we thought we’d remind you of a few things to look out for so you aren’t caught out.
1. Be suspicious
With so many scams out there now, you really do have to be suspicious with every message you receive online. If it’s from a bank you’ve never opened an account with telling you to take some form of action, they can be spotted pretty easy, but if it is someone masquerading as your bank – they can be a little more easier to believe.Of course it can also be a lot less sinister than banks, with phishing scams looking to hijack your social network profiles or emails to spread spam advertising, or push the phishing scam further.
First off, read the email or message over a couple of times and be sure to watch out for bad spelling and grammar, as well as subtle spelling mistakes put in to trick you.
If it’s come from a friend but seems a bit out of character, especially if it’s asking you to check out a link, be sure it’s actually from them before you do anything.
Ultimately it’s worth calling the friend or company in question and checking if the email is legit, or even paying the company’s website a visit separately from your email and seeing if you have any notification of any issue on your account. If they’ve emailed you about it, you can be sure there will be something you can double check it with on their website.
2. Check and check again
If anything has made you even slightly suspicious, you can check a few things to work out if the email is legit. First off, check the email address the email was sent from to see if it looks correct – chances are most companies will not be using free email from the likes of Yahoo, Google or Windows Live, so that’s the first giveaway.
Second off if there’s a link to click in an email or tweet, hover your cursor over the link without clicking to see where it points to – this will appear in the bottom left corner of your browser window. If it’s something you don’t recognise, chances are it’s dodgy.
As for short URLs spread over Twitter that don’t allow you to see where you’re being taken too – be wary of single links sent to you with no description, especially if it’s from someone you don’t know. If it is from someone you know, approach with caution and tweet them to ask what it’s about before you check it out.
And finally, if you have clicked a link and it’s asking for personal information, be sure to check the URL in the address bar is the one it should be before you submit anything, and remember banks and online retailers will never ask for personal details like PINs and passwords.
3. Remember to look out for secure sites
If you’re ever entering secure information, such as bank details and the like, make sure to check you are on a secure site before you do so. This is usually easily spotted by “https://” at the beginning of the web address, and a padlock sign in the bottom right hand corner of the browser window.
To check out what this looks like, log in to your web email or online banking so you know what to look out for in the future.
4. Phishing filters
We can all do with a helping hand sometimes, and aside from being ultra vigilent yourself, a phishing filter will go some way to protecting you from both malware sites and anything that has downloaded itself on to your computer to log your keystrokes (ie. grab your passwords).
Once you do have a good phishing filter or anti-virus program, make sure it’s kept up to date with all the latest definitions so you are protected against all the new threats as they are discovered.
5. Choose passwords wisely
Around 40% of web users use the same password for all the sites they use. This means if a phishing scam gets your email password, it gets the password for things such as Facebook and Twitter too.
Make sure you have individual passwords for different sites, and that they are made up of both numbers and letters so it’s not easy to guess.
Moreso, make sure you change your passwords regularly, and don’t base them on personal information like your partner’s name or your dog that a scammer will be able to work out with a teensy bit of research.
Finally, don’t neglect your secret question. If the question has an answer someone down the pub would know, you probably need to make it a bit tougher.
Have you ever been the victim of a phishing scam? Tell us your experiences below.
5 ways to avoid becoming a phishing scam victim – technology news – Stuff.tv10 10 2009