Tips on Avoiding Traps Laid by Phishers
- Never, ever click on a link inside an email from your bank, credit card company, or other similar institution. Instead, go directly to their website. The only exception might be when this is impossible. For example, you sometimes receive a confirmation email where you have to click a link to verify your email address or change your password. In this case, you will usually have just logged onto the company’s website and requested to sign up, change your password, etc. It would not be a random email which you would receive out of the blue. And even in this case, remember the below precautions and tips.
- When you go to a website which has your personal information stored, such as your bank’s or your email’s website (like Hotmail or Yahoo), don’t type the name directly into the address bar. Instead, type the name into a search engine like Google or Yahoo, and then click the link to the site. Why? Phishers sometimes rely on spelling mistakes typed into the address bar. If the URL of your bank is www.mybank.com, the phisher might make his own website under the URL www.mybanj.com. When someone accidentally makes a spelling mistake in the address bar, he will be in the phisher’s website. The phisher makes sure that his site looks identical to the real one. You “log on,” type in your username and password, and the phisher has your data. But if you go via a search engine, the real website will most likely show up at the top of the page, not the fake one!
- Don’t publish your email address on the Internet. This includes in blogs, forums, websites, etc. If you have a website, use a contact form connected to your email address. If you are a member of a forum, you can usually set it up so that you will be emailed by the forum whenever someone answers your post. Phishers and spammers regularly go through the Internet to find email addresses (they even have software to collect these email addresses). They send their spam or phishing emails to the addresses they find. If your address is only made known to valid contacts, you are less likely to receive a phishing email.
- Don’t answer your spam. This confirms that your email address exists and is likely to lead to more spam – including possible phishing attempts.
- Be careful about forwarding emails to your friends and family. Make sure the email is from a trusted source and that you are sure it does not come from a phisher who will then target your friends and contacts.