What is "Phishing"?
Its actually pronounced "fishing" as the image illustrates. It is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
How to tell a phishing email?
- Sender - don't just look at the person's name, look at the email address. If you do not recognize the email address not just the name part of the email, chances are, its a scam.
- Links - If you get an email that asks to verify some information, cancel a purchase via link, etc, do not click on that link. Log into your account directly. Say you received an email about iTunes purchase, log in to your iTunes account by going directly to Apple's website and not via the link in the email.
- Contents - If you are sure whether an email is a scam, copy parts of the email and Google Search it. Chances are, someone has posted a blog entry on the scam.
- Attachments - DO NOT OPEN.
What to do if you smell phish?
- Ask for a second opinion.
- Blog about it. Post the contents online so others can learn from it.
- Email me: firstname.lastname@example.org and I will post about it.
- Google it.
- Don't bite.
What to do if you bit?
- Change passwords for major sites like PayPal, Amazon, ebay, email address, bank login, etc.
- Cancel your credit card or report it as lost.
- Monitor your credit score.
- Never use the same email and password for future sites.
Remember, that information you entered on a phishing site may not be used anytime soon, but it will be at some point. It becomes available for sale. They now know an email address and password combination. They will try it on any site they can find until it is successful, even if you use it in the future.