Phishing is a form of hacking that “baits” the victim into giving the hacker their data or log-in information. It’s often effective because the hackers’ communication with you sounds like someone you know - your financial institution, your lender, your friend.
While phishing can look many different ways – it typically involves the victim receiving a phone call, text, or email, pretending to be a familiar or accredited sender.
How to recognize the signs of phishing.
The first step in guarding yourself against phishing is to understand what phishing attempts look like. One of the first signs you may have received a phishing attempt is when you receive a call, text, or email that demands immediate action, often threatening some type of immediate punishment or loss of something.
Example: Receiving an email that reads, “Click this link and enter your Amazon log-in credentials in the next 5 minutes or $800.00 will be charged to your card on file.”
First, Amazon (or any retailer) will never email/text/call you to get your log-in credentials to confirm or block a charge. And even if they needed you to confirm something, they wouldn’t threaten you with an immediate charge.
If you ever receive an email or text from a retailer suspecting fraud on your account, contact them directly (outside of any contact info/links in the message) just to ensure there’s no mechanism attached to the message itself.
Second, look out for weird phrasing, misspelled words, or foreign symbols in these messages. If it doesn’t sound or look legit, it probably isn’t!
Third, look at the contact information of the sender. If you’re receiving an email from your bank asking for your log-in information, but the email sender is “email@example.com,” that’s a 100% sign that this is not a legitimate source.
Similarly, if you’re getting spam phone calls from multiple foreign countries, that is an additional sign of a potential phishing attempt.
What to do if you recognize a phishing attempt.
The number one thing NOT to do is engage with the message itself. If it’s a voicemail, don’t return the call, and block the caller. If it’s an email or text, don’t respond or click any links in the message.
If the message is concerning – like saying your bank account is locked or something similar – contact the legitimate vendor outside of the message you received. So in the above example of your bank account being locked, contact your bank branch directly, and they will confirm any doubts you may have and will also want to know about any legitimate-appearing phishing attempts on their customers.
Trust your instincts.
If something feels off, it probably is. If anything you receive seems suspicious or wrong, never hesitate to contact the vendor outside of the message and confirm for yourself.
Phishing is a very common hacking style. Any vendor you’re dealing with (your bank or any other retail vendor you have an account with, like Amazon or Target) knows these attempts can seem very convincing and won’t mind helping you confirm the attempt is malicious and not real.
Mollie Macklin via Plinqit