Tue 16 Oct 2007
Phishing scammers send out electronic messages (usually emails) claiming to be reputable companies in an effort to gain your personal information e.g. passwords and credit card numbers.
Often these emails will express a sense of urgency in order to get you to act quickly, without thinking. For example, a phishing email may claim to be from your bank and ask you to click on a link and then verify your account information in order to keep your account active. While this website may look just like your banks one it is actually a fake.
So how do you tell whether an email you receive is legitimate or not? It can be very difficult as phishing scammers employ a number of techniques in order to deceive you. Scammers usually:
- Registered similar domains to the companies they are claiming to be.
- Copy logos and content from the real site
- Point all links on the website to the real site in order to trick you.
Carnegie Mellon University has recently developed a simple online game called Anti -Phishing Phil, which is a great way to test your ability to spot phishing scams and learn extra techniques on how avoid them. To play the game click here.
The best way to tell if the email you receive is a fake is to look at the URL of the site it directs you to. To view the URL without actually clicking on it simply hold your mouse over the link. The full URL will appear either at the bottom left of your screen or just above your mouse.
Here are few tips from Anti –Phishing Phil on how to identify a fake URL.
- URL’s with all numbers in the front are usually a scam
- Look at the address part of the URL this is the part between the http:// and the first / , look to the right of it, is this the correct site name for the company that supposedly sent you the email?
- If you are unsure whether the address is the correct address for the company, Google it and find out.