Phishing
Phishing attacks are attempts to collect sensitive information such as social security numbers, passwords, usernames, credit cards (and sometimes cash - usually in the form of a wire transfer) in the form of an electronic communication. When attackers get the victim to bite the bait then phishing succeeds. This usually involves the attackers disguising themselves via Social Engineering as a trustworthy entity in an electronic communication.
- Never send passwords, bank account numbers, or other private information in an email.
- Avoid clicking links in emails, especially any that are requesting private information.
- Be wary of any unexpected email attachments or links, even from people you know.
- Never enter private or personal information into a popup.
- Look for "https://" and a lock icon in the address bar before entering any private information.
- Have an updated anti-virus program that can scan email.
Helpful Information
Phishing is not limited to "spam" (aka junk email) so here are some other areas in which phishing may occur:
- Social Networking websites
- Online ads
- Unsolicited phone calls
- Status updates
- Tweets and other posts
Don't Take the Bait
Be safe. Don't bite the bait. When in doubt throw the questionable communication out.
- Don't click on links that are questionable in any electronic form (email, webpages, status updates, tweets, online ads, etc.).
- Throw out questionable emails that don't look proper or ask you for sensitive information.
- Don't give out credit card information or other personally identifiable information (PII) to phone solicitors you don't know.
Own Your Online Presence
- Consider hiding your email address from online profiles like social networking sites.
- Only allow certain people to view your personal information.
Don't Respond
Don't respond to unsolicited communication, and verify the communication from companies you do business with by directly calling them.
- Use a contact information from statements provided by that company.
- Never use contact information from the suspicious electronic communication.
Tricked?
Do you feel you may have been tricked by a phishing email?
For more detailed information on phishing you may also view the Federal Trade Commission's website.