Best Ways to Protect Yourself From Phishing
If you've had an email account for longer than 5 minutes, you've likely encountered at least one Phishing attempt. These are the emails that look like they are from your bank, or Paypal or eBay asking you to verify some sort of security problem by logging into your account. Places that have your financial details will NEVER send you emails like these. They are fake. The emails are attempts to steal enough of your personal info to ultimately steal your financial assets.
But the email looks real, right? I know I've had a few I was tempted to trust. So how do you make sure you don't accidentally end up losing money and screwing up your credit rating for someone else's personal gain? Here's a handful of ways that should make sure you never get tricked.
Don't Click Links - Don't click links asking for your personal information in email messages. Your bank won't send you an email like that ever. SOLUTION: Type in your bank's Web address in the address bar of your browser (or add it to your favorites and click the favorite). From there you can login and verify that your account is as it should be.
Don't Trust Threats - Your bank, the IRS, Paypal, etc., will never contact you via email with any threat of legal action or security breach. They also won't offer you found money via email. If there's some threat for in action in an email message, assume it's bunk.
Use the Phone - If you're still not convinced the email isn't real, call the business who supposedly sent it and get customer service on the line. Customer service people are paid to provide you information about your account and will be happy to make you comfortable with your account status.
Don't Use the Same Password Everywhere - One of the worst things you can do is use the same password everywhere. If you get tricked into revealing your password at one site, the email address and password combination could get the same thieves into every account you hold if you routinely use the same email address and password at all locations. If you need help picking passwords, something like Roboform comes in handy, because it will generate a password for you and store it securely so you won't forget it later. (And it's free for up to 10 passwords).
It is also wise to use different usernames when possible. Pick a unique username for your bank, ebay, your credit card company's site, and any other site that has personal financial data about you.
Tools to Help You Fight Phishing
Use visual cues in software to help identify potential phishing attacks.
Look for the lock in Firefox:
Look for the Green address bar and the Lock in IE.
It's worth pointing out that the secure certificates required to make the address bar turn green are expensive and even many legitimate financial institutions aren't currently using them. IE does a much better job of telling you when a site has a problem with its security by warning you with red in the address bar:
Watch for Warning Signs in email - For instance, Outlook will tell you if links in a message look suspicious.
Use additional software to help secure against phishing attacks. While IE and Firefox offer rudimentary warning signals, you can get additional protection by using one of the internet security software packages.
The best rule of thumb is to assume the messages are fake and verify your account by going directly to the financial institution's site. Your data will stay safe and you still get the peace of mind knowing your account info is up-to-date and secure.