BOULDER, Colo., Jan. 27, 2011 /PRNewswire/ -- Cyber criminals often use a tactic called phishing to trick PC users into sharing bank account logins, Social Security numbers, credit card numbers and other valuable information.
Phishing typically takes the form of spam emails or instant messages containing links to seemingly real yet malicious Web sites to trick people into divulging sensitive information. And once you take the bait, they can create fake accounts in your name, steal your identity and wreak havoc on your credit. The good news is once you know what to watch out for you can protect yourself and get the phishing protection you need to keep these criminals at bay.
What is Phishing—and What is Legitimate?
When it comes to online communication, it's often difficult to tell what is phishing and what is legitimate communication from trusted companies. Phishers commonly target – or "brandjack" – well-known, trusted companies such as Visa, Coca Cola and even Adobe's Flash technology in an effort to furtively obtain passwords and other personal information. As a general rule, banks, credit card companies and other businesses will not misspell words or use emotional language, scare tactics or urgent requests to respond. They also will not request that you send your account number, login or password to them via email or instant messaging, since these types of communications are typically unsecured and should not be used to transfer sensitive data.
Even if you receive an email with a link to a company's site, don't click on it. The link may take you to a false site that looks and responds like the real thing. Instead, enter the company's URL manually (the same one you use to manage your accounts). This will ensure you're at the legitimate site.
If you believe you're the target of phishers, contact the business the scammers are mirroring by phone to report the suspicious message—and forward the message, but do not download anything from the message, to email@example.com. The Federal Trade Commission stores spam in a database and uses it to pursue law enforcement actions against people who send deceptive email.
Additional Phishing Protection and Tips
For added phishing protection, install reliable, powerful, up-to-the-minute security software, like Webroot® Internet Security Complete or Webroot Internet Security Essentials, which are designed to block spam and phishing attacks, remove malware and more.
Even with phishing protection and security software, it's important to be vigilant. To protect yourself further, keep these tips in mind:
- Do not provide personal information to unsolicited requests for information
- Only provide personal information on sites that have "https" in the web address or have a lock icon at bottom of the browser
- Continually check the accuracy of personal accounts and immediately deal with any discrepancies
- Do not open messages from unknown senders—and always delete messages you suspect are spam
Finally, use varied and complex passwords for all of your accounts. This will help mitigate the damage that can be done even if cyber criminals are able to get one or two of your passwords.