A Guide for Beating Phishing Attacks

Phishing is a way for individuals who are known as "phishers" to obtain your private information such as bank account details and passwords. Phishing messages come in the form of an email message that is directed to you and appears to be from a reputable company or business-often one that you have an association with and trust. But, it is not. The message will tell you to confirm your bank details, password, or login credentials or "your account may be closed." You are then directed to click on a link in the email to take you to a website to enter in the requested details. By employing scare tactics such as the threat of account closure, phishers are hoping to lure you in to their trap.

Once you click the link you are taken to a website that looks like the real website of the company the email is purporting to be from. But it is not. You enter your details and the phishers now have the information they need to steal your identity. What just happened? The phishers lured you in on false pretenses and stole your account information and passwords, which will allow them to buy things with your money and potentially damage your credit history.

By utilizing the following steps it is possible to keep safe from phishing:

• Know that your bank will never ask you to confirm your details via email. So if it looks like it's coming from your bank and asks you to confirm details, you should not click it. Remember that you can always call your bank directly and ask them about any email you receive. They will know if they've requested that you update your account details.
• Is it addressed to you? It is common for phish messages to begin with salutations such as "Dear Valued Customer" and "Please Confirm" instead of your actual name. If it's not addressed to you, don't click it.
• Rest your mouse pointer on the URL in the body of the email. The real destination of the URL will be displayed. If the URL looks like a different name than the name of the company, don't click it.
• Look for spelling mistakes. If there are spelling mistakes, or the email doesn't look professional, don't click it.
• Get security software that includes anti-phishing and identity protection features. Symantec has products that do just this.
• Don't use links in emails to get to websites. Instead, manually type in the URL destination into the address bar of your Web browser. It may take a little longer, but you will be more effective at protecting your identity.

Please take a look at the video below that Symantec produced, which will provide some insight on the above points regarding phishing attacks: