Monday, 13 December 2010

Top Tips to avoid falling for a phishing scam

I got this tip's on an email from a well known supermarket here in the United Kingdom. Since it is almost Christmas and the busiest time of the year to shop online, I just thought I would share this on my blog to help you as well as other people to be safe against 'phishing' attacks.

A phishing attempt often arrives as an email, pop-up screen or text message created by criminals to gain personal security information by pretending to be from seemingly authentic companies. They can look very convincing at first glance as they copy branding, styles and logos.

Phishing emails - so named because fraudsters use them to "fish" for information - attempt to entice people to provide sensitive information or take actions that a fraudster can exploit for financial gain or other malicious purposes. Within the message they then urge you to click on a link from an apparently real business that you may have used. From that site they trick you into giving away your personal security information. Some phishing emails even threaten dire consequences if you don't respond.

Tip 1
Think before you act - if it sounds suspicious, or too good to be true, it probably is.

Tip 2
Never respond directly to an email request from a company for personal or financial information.
Instead verify the authenticity of the request by using an email or telephone contact that you know is legitimate.

Tip 3
Never go to a web site from a link in an email you suspect to be fraudulent.
Instead enter URLs that you know are legitimate directly into your browser or by using bookmarks you created.

Tip 4
If you unwittingly supply personal or financial information, inform the appropriate institutions immediately.
Banks and credit card companies will work with you to prevent your information from being used against you.

Tip 5
If an apparently legitimate Web site that you have visited before prompts you for a password, enter an incorrect one first. A fraudulent Web site will accept an incorrect password while a legitimate one will not.

No comments: