What is phishing?
A phishing message presents an innocent looking but dangerous request to: share information; open a file or run a program. The message may appear urgent or subtly enticing, but the goal is the same -- to make money from your information, accounts or computer for cyber criminals.
How can you avoid being phished?
A 2009 research study showed that 45% of people directed to a fake website by a phishing scam enter their account password. These people were fooled by the fake message and fooled by the fake web site! Learn these two skills for all emails & web sites to avoid the dangers of phishing:
1) Check Before Acting On Unexpected Email Requests
Whenever you receive an unexpected email request, especially one that is urgent or enticing, use common sense to evaluate the message:
- If it seems suspicious - just delete it!
- If it seems likely to be real (or you can't decide) - contact the sender to confirm it!
Remember: Let your common sense guide you as to whether the message seems suspicious or real when you receive an unexpected email request, then act accordingly.
2) Check Before Entering Your Password
Whenever you need to enter your password, don't enter your password, unless the website has the following:
- Encryption - the web address must show https or the lock icon
- Matching Domain - the web address should match the organization
Remember: Do these two quick checks every time before you enter a password, just like you always quickly check your mirrors before changing lanes on the road.
What else should I know about phishing?
Find out more about how to protect yourself from phishing.