Phishing describes an attempt to get you to unknowingly disclose personal information such as credit card details, banking information, usernames and passwords.
The party trying to gather your information will try to hook you by sending you an email and asking you to click on a link.
The email will look like it’s come from a valid source, such as your bank and credit card company, and often some of the links will direct you to the actual website, making the email seem authentic.
The email will usually say there’s something wrong with your account, or that there has been a fraudulent attempt to log into your account, or it could be confirming a transaction that never happened.
Often you get these emails from companies where you don’t actually have an account.
But your financial institution will not send you an email asking you for personal information or a password.
If you receive an email like this, there are a few steps you can take to protect yourself.
The first and easiest step is to hover over the link with your mouse and check the website address that pops up in the display. The link address could appear right beside your mouse pointer or at the bottom of your web browser. Check the name and make sure it matches the source of the suspect email. If it doesn’t match, it’s likely a phishing email and you should delete it.
If you happen to click on the link, it will take you to a site that has been set up to look exactly like the original site. Don’t fall for this. The safest step would be to go directly to the website by typing their web address or by using a bookmark you’ve saved. This will ensure you’re visiting the correct site and you can confirm your information there.
Be aware that clicking on a link or opening an attachment in an email could be enough to harm or infect your computer. You’re best not to do this unless you’re sure the link is from a legitimate source.
Sometimes you’ll get an email with an attachment someone is trying to get you to open. This is one of the most common ways for computers to become infected. If you’re not 100 per cent sure of the source of the email, it’s best not to open attachments.
There are several types of files that it’s best not to open when attached to an email, including those with names that end in EXE, JAR and ZIP, to name a few. It’s considered safe to open files that end in JPG, BMP, TIF, MOV and MPEG.
Even if the email is from someone you know, it isn’t necessarily safe. Often once someone’s computer system is infected, it will send an email to contacts in that person’s address book. So if someone has sent you something you weren’t expecting, contact them to confirm that they sent it and that their email hasn’t been compromised.
If you’re still uncertain, call the institution directly using a known number, not one provided in the email. The company will never ask you for your password, although they may ask you for your telephone number or some other information that you have on file with them.
Some phishing emails will say you’ve won a prize. Others will say that someone needs your help to move or get access to money, and offer you a percentage for helping them. Often they want you to pay a small fee up front before they send you the money.
Or they will send you a cheque and ask you to deposit it and send them back a small portion of it for one reason or another.
If it seems too good to be true, it is. These emails are always scams.
If you get a phishing email, forward it to the company being misrepresented. Usually they have an email address such as [email protected] that can be found by searching online.
The safest way to protect your personal information is the human firewall: if it doesn’t seem 100 per cent authentic, just don’t go there – pick up the phone and call.
Bill Green is an hourly financial and estate planner, public speaker and author of The Success Tax Shuffle. Bill has over 26 years of experience in the financial services industry.