What is Phishing? Wikipedia defines it as this: Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.
You may think that you are too tech-savvy to be fooled by one of these scams, but we've seen it happen to even the most seasoned techies and even I.T. professionals.
99% of the time, you won't be fooled, because the information will be a dead giveaway - for example, asking you to login to a bank account when you know for certain that you have no such account at that institution. But these scams work on numbers - if they send the scam out to 100,000 people and the information makes sense to just 0.1% of them, then they will be successful with 100 people.
As an example, there is the common "UPS Package Confirmation" phishing email. Most of the time, you probably aren't expecting a package, so you easily dismiss and delete it. However, there will come the one time where you *are* actually waiting for an urgent package *and* you get this email at the same time. In that case, you may be too quick to click on the link and be duped.
Some quick ways to check are:
1) Hover over the link that it is trying to send you to and see if the URL matches what is expected, for example, a UPS email with a URL should direct you to some version of www.ups.com. If not, it is likely a scam.
2) Check the email address of the sender. It should also be from the same domain as the expected site.
3) Avoid the link altogether - open a new web browser page, manually go to the site yourself and login from there. If the company is requesting something from you, it should likely show up in this same area.
As always, if in doubt, forward us the email and we will confirm for you. Better to be safe than sorry!
Comments