Which Is a Way to Protect Against Phishing Attacks? Here Are 37 Ways!

Phishing scam, hacker attacks: it’s all a way, yet again, to try to steal your money


37 Do’s & Don’ts To Avoid Becoming a Victim of Phishing

You could be the next victim of phishing! What is the definition of phishing? Phishing is an attempt to gain personal information from an internet user, typically by sending emails that look like they are from a legitimate financial institution, organization or company. Typically, the phishing email seeks to direct the potential victim to a fake website that replicates the real thing. Many victims of phishing are older people who perhaps are not as computer savvy as their younger counterparts.
If you get an email, for example, saying that your bank account will be closed unless you respond to the email, call your bank on the phone to determine the status of your account. Better yet, go into the bank branch and check. In no case should you ever reveal any financial information. Unfortunately, there are emails now coming through that tell you that your favorite aunt wants to share a photo album with you. In many cases, your poor aunt’s email account has been hijacked and the scammer wants to share with you. You must pay constant attention to avoid getting hooked in a phishing scam.
Here are 37 key tips to help you avoid becoming a victim of phishing.

1. Don’t be a willing victim. Phishing requires that you participate in some way. Most of the time the culprit wants you to click on a link in an email and give them some personal information. Don’t do it. Instead, if you are not a customer of the bank, organization or company that you receive the email from, delete it! If you are a customer, call your local branch or call the company or organization directly. Look up the phone number yourself; NEVER, NEVER call a phone number in a suspect email!
2. Do check your web browser to determine if phishing protection is enabled. This is not foolproof, and browsers only detect phishing websites that are on a list. Scammers are incredibly smart, so don’t rely on browser protection to protect you from phishing.
3. Do take a second look at websites you click onto. Does it look like the normal, elegant website or is there something “funny” about it? Are there misspelled words on the website?
4. Do check to see if the address you are visiting is a secure website. There is the usual http:// before the typical website and then there is the secure website, which will be https://. If you click on any bank, such as Wells Fargo, for example, its web address is: https://www.wellsfargo.com.
5. Do pay even closer attention to the address in your web browser. We just clicked on the Chase Bank website and copied its address. Here is the bank’s legitimate internet address: https://www.chase.com/. You will note that between the https:// and the first “/” is www.chase.com, the legitimate address of the bank. If you get an email supposedly from Chase and its address is something like this: http://partnersmidwest.com/chase, it is not the real Chase. Always check what’s between the https:// and the first “/”. Scammers could even get an internet address like chaseaccountstatusupdate and then the address could look something like this: http://www.chaseaccountstatusupdate/chase. This address has nothing to do with the real Chase you do business with. Be careful; it’s tricky out there!

6. Do be suspicious of any company or organization, even one that you do business with, that asks for personal information in an email. In fact, make it your strict policy to never give out information over the internet or the phone unless you initiate the action. If you have a bank account that is overdrawn, you will get a notice in the mail or a call from the bank manager. And if you should get such a notice in the mail, take it to your local branch and have them check. If you get a call from the bank manager, make an appointment to see him or her.
7. Do watch out for breach of security emails. That is, your bank account has been breached and you need to take immediate action over the internet to fix it. Don’t do it. Call the bank. Scammers love to scare you and panic you into taking foolish steps.
8. Do watch out for emails from software companies claiming to be security software offering you a “free trial.” Don’t bite. If you want new security software, go to the Norton site or a site of other prominent security software providers. Further, do not click on internet advertisements for security software.
9. Do hit the delete key if you are suspicious about an email.
10. Do be aware of any misspellings in emails. Anyone can make a typo, but scammers seem to make a lot of them and it is a dead giveaway. Hit the delete button when you come upon misspellings.
11. Do watch out for emails from companies with addresses like http://123456.ww.yourbank.com. Legit companies do not have addresses like this. Hit the delete button.
12. Do watch out for scammers pretending to be your bank that are trying to get you to “update” or “verify” your information. For example, Citibank’s internet site is indeed www.citibank.com, but if you were to get an email requesting that you update your information at www.citibankupdateverify.com, it is a phony site. Hit the delete button.
13. Do go to one of the big search engines if you are in doubt about a website you received by email. The top search engine results will lead you to the real company.

14. Delete emails from official sounding sites demanding information from you. The IRS, the Social Security Administration and Homeland Security, the U.S. Postal Service will not contact you this way. The solution is to hit the delete button. Better yet, inform the IRS, Social Security, Homeland Security or the Postal Service about fraud in their name. They will take action.
15. Don’t get fooled by phony jury notices by email, another scam. Your county or state will contact you by mail if you are up for jury duty. A favorite scheme is to send an email saying that you missed appearing for jury duty and now you must take immediate action to protect against prosecution.
16. Don’t be fooled by a similar trick, which is to contact you by email that you have an outstanding parking ticket and you must immediately pay it by credit card. Take down the information, delete the email and call the municipality from which the email supposedly came.
17. Don’t be alarmed by an email from a law enforcement agency saying that there is a warrant out for your arrest. The police don’t send emails; they show up at your door!
18. Don’t be fooled by an email giving money away. Nobody but nobody gives money away. Delete the email without reading it.

19. Do take the following action if you mistakenly respond to a phishing scam: (1) Immediately change all of your passwords and PINs for your online accounts that could be compromised by your error; (2) Place a fraud alert on your credit reports at the three major credit reporting agencies; (3) If you clicked on a fraudulent email for a bank or another organization, contact that organization for help; (4) If any new accounts were opened in your name, close them immediately; (5) Make a habit of reviewing all of your financial accounts at least once a month. That’s a good practice to always undertake.
20. Don’t think that because there is an official-looking logo on a website that it is not fraudulent. It is easy for scammers to steal a logo online and use it. In fact, scammers can steal the entire code of a web page and reproduce a page identical to the organization’s own.
21. Don’t be fooled because a scammer is contacting you about a bank where you have an account. If you do your banking at the XYZ Bank, the scammer might send out 100,000 emails to hit X number of people with accounts at the XYZ Bank.
22. Don’t be fooled by emails telling you to “verify your account,” “update your account information,” “we found during regular maintenance,” and “failure to update your records will result in account suspension.” If you are concerned about the last one, call your branch manager.
23. Do use Microsoft’s SmartScreen Filter.
24. Do remember these five tip-offs about possible phishing scams: (1) alarmist messages; (2) requests for donations after a disaster has been in the news; (3) bad grammar, poor spelling; (4) deals that sound too good to be true, and (5) promises of big money with little effort.
25. Don’t let your emotions get the best of you. Don’t respond to requests for political donations from your favorite party through email or over the phone. If you want to donate, click on the legitimate website.
26. Don’t think you won a lottery from Yahoo or Microsoft. It didn’t happen. Any time you get a “you’ve won the lottery,” delete it.
27. Don’t go to any website from an email link ever. Go to your web browser and type in the web address you want to go to or use your bookmarking capability.
28. Do type in a wrong password sometimes. If you have an account with a website, such as Amazon.com, and you suspect that the website you are on is not Amazon, type in a phony password. The real Amazon will kick it out; a phony website will accept the wrong password.

29. Do take immediate action if you think you have downloaded a virus or Trojan. You could well have downloaded a “key logger” to your computer, which could spell disaster for you. A key logger will send to the scammer everything that you type into your computer including credit card numbers, passwords, usernames, Social Security numbers, everything. You need to install or update your anti-virus and firewall software. You need to update all of your virus definitions by running a full system scan. It takes a long time but do it now! If your system has been compromised, fix the problem and change your passwords. Then change your passwords again because you do not know what has been transmitted. Check all of your accounts and credit report.
30. Do report stolen personal information to the three major credit reporting agencies. If you think that your personal information has been compromised, you need to report this to the three big credit reporting agencies: Equifax (800.525.6285), Experian (888.397.3742) and Trans Union (800.680.7289).
31. Don’t be fooled if you get an email, supposedly from your bank, saying that your monthly statement is enclosed and that you can click on it now. If you did not order your statement by email, then you should not be getting one, right? Many big companies with whom you have a relationship will email you to tell you that your monthly statement is ready at their website. But you have to go on the website and use a username and password to get on.
32. Never enter personal information in a pop-up screen because you do not know where it came from.
33. Use spam filters on your computer to protect it. Use anti-virus and anti-spyware software and a firewall and keep them up to date.
34. Don’t open email attachments unless you are expecting them and know what they contain.
35. Do have the security setting on your email set to high so that most of your email goes into the junk folder to begin with. Then you can sort through it on a regular basis for emails you want to open.
36. Do take down the telephone number, name of the person, etc. if you have been contacted and told that you are a victim of fraud. Do not respond; instead, contact the company or agency directly by telephone.
37. Do be extremely careful if you are a job seeker. Job seekers are extremely vulnerable to phishing schemes. All online job application sites are asking for Social Security Numbers. It would be easy for scammers to create a phony jobs site and steal hundreds of thousands of Social Security Numbers. Know who you are dealing with before submitting any information.
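
The address check from tips 5, 11 and 12, as an added example that is not part of the original article: it pulls out the host (the part between https:// and the first “/”) and compares it with a domain you already know belongs to the company. The function names, the finding codes and the `brand` parameter are assumptions made for this illustration; the sample addresses are the ones quoted in the tips.

```python
from urllib.parse import urlsplit

def split_address(address):
    """Return (scheme, host, path); host is what sits before the first '/'."""
    # Addresses quoted without a scheme ("www.example.com") need '//' to parse.
    parts = urlsplit(address if "://" in address else "//" + address)
    # .hostname drops any port or user-info and lower-cases the result.
    return parts.scheme.lower(), (parts.hostname or "").rstrip("."), parts.path.lower()

def check_link(address, expected_domain, brand):
    """List finding codes for a link; an empty list means nothing was flagged.

    expected_domain: the domain you already know is the company's (bookmark,
    paper statement). brand: the company name a lookalike address might reuse.
    """
    scheme, host, path = split_address(address)
    expected, brand = expected_domain.lower(), brand.lower()
    on_domain = host == expected or host.endswith("." + expected)
    found = []
    if not on_domain:
        found.append("wrong-host")          # tip 5: the host is someone else's
        if brand in host:
            found.append("brand-in-host")   # tip 12: name glued into another domain
        if brand in path:
            found.append("brand-in-path")   # tip 5: name only after the first '/'
    if scheme == "http":
        found.append("not-https")           # tip 4
    if any(label.isdigit() for label in host.split(".")):
        found.append("numeric-label")       # tip 11: e.g. 123456.ww.yourbank.com
    return found

# The addresses quoted in tips 5, 11 and 12 (the last one is written bare there).
SAMPLES = [
    ("https://www.chase.com/", "chase.com", "chase"),
    ("http://partnersmidwest.com/chase", "chase.com", "chase"),
    ("http://www.chaseaccountstatusupdate/chase", "chase.com", "chase"),
    ("http://123456.ww.yourbank.com", "yourbank.com", "yourbank"),
    ("www.citibankupdateverify.com", "citibank.com", "citibank"),
]

if __name__ == "__main__":
    for address, domain, brand in SAMPLES:
        codes = check_link(address, domain, brand)
        print(address, "->", ", ".join(codes) or "nothing flagged")
```

The check only compares a link with a domain you supply yourself, so the trusted domain has to come from somewhere other than the email being checked.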
