How To Avoid Email Phishing
If a shady-looking guy in a trenchcoat and dark glasses walked up to you in the street and whispered, "Your credit card account is about to expire, give me your card number and I'll fix it for you," you'd probably be more than a bit skeptical. But surprisingly, millions of people each year fall for pretty much this very scam, with only one key difference: it's done over the internet.
Online, this type of trick is known as "phishing", and is remarkably simple to understand: a scam artist will simply send unwitting targets an "urgent" email, claiming to be from EBay, or Bank of America, or some other institution that uses customers' personal financial information, and will try to convince the user to reply with their credit card number and other private info.
The exact phrasing of a phishing email can vary, and often pushes you to make rash decisions: they may tell you that your bank account is about to be closed and that you need to urgently email your account number and password to keep it open.
Or, if they're really shameless, they may even say that someone has hacked into your email address and that you need to send your info to prevent your identity from being stolen (which is, of course, precisely what they are trying to do!)
In both cases, the idea is to scare you so that you quickly and unthinkingly send along your credit card information, and you'd be surprised how often the trick works! But the good news is that, as long as you are prepared for the threat, and know a few simple tips for identifying a phishing scheme, you will never be fooled.
The Golden Rule for protecting yourself from a phishing (or any other email) scam is simple: Never give your valuable personal information to anyone over email. Any legitimate company will always have an online or telephone system set up for submitting this information, and would never ask you to email your info, precisely because they know that phishers are doing the same thing!
In addition to that rule, here are three tips for recognizing and dealing with potential phishing emails:
- Check the email & search carefully for typos and awkward language. Many phishers are working from outside of the US, and you'd be surprised how often the emails they send sound just plain silly when read carefully.
- If an email directs you to a link, carefully check it over before clicking on it, and "hover" over it with your mouse to see the URL it is sending you to. Almost always, a phishing schemes will claim to be sending you to one site, but in fact will link you to another. Any time the site written in the email and the URL it is linking you to are different, you can suspect a scam.
- To find out exactly who is sending you the email (especially if you have received it several times), you can run a reverse email search. Simply by plugging the sender's email into a reverse email search service, you can learn all you need to know about who the email address really belongs to, and take action if necessary.
By remembering these simple tips, you will quickly become a master of keeping yourself clear of online phishing traps.