Phishing Scams: Don’t Get “Reeled” In!
It begins with an email, which may or may not look suspicious. It could look like it’s from someone in your contact list or from a company that you have an account with. Clicking on a link in the body of the email or an attachment opens up another webpage that asks you to log in somewhere or confirm account details. That webpage may look convincing, with similar logos and layout to the legitimate version of the page. However, entering your email, password, or any other details it requests, could give the phishers access to your online accounts, personal information, and identity.
One such scam that’s been building momentum for the last year is related to Gmail. You can read about the details of this false login here.
How can I tell if an email is legitimate or a phishing scam?
Be suspicious of any email that says you need to change a password or reenter credit card information. It may or may not be legitimate, but extra caution won’t hurt.
Check the “from” line to verify who sent the email. Is it actually from your bank or friend, or does the email address attached to the name say something other than the person’s contact information? If the address is strange, delete the email or mark it as spam.
Anytime you are on a site that requires login, make sure it is the legitimate page. Check the URL. If it’s secure, it should begin with “https” (rather than just “http”). Your browser may also show a little closed lock icon to signal this.
You should never be asked to submit account passwords, credit card details, or social security number as a reply to an email.
Legitimate notifications and password reset links may be sent to you from an account provider like Google or Facebook when you have requested a reset or there has been suspicious activity in your account.
Most accounts that offer password reset steps will require verification. They may supply a temporary password or send you a code to enter before resetting a password yourself.
If you suspect that someone has gained unpermitted access to your account, log in and change your password right away.
When in doubt, avoid giving away any information until you’ve confirmed a notice’s legitimacy by contacting the individual or company. Don’t let them hook you!