Home Services IT – Information Technology Phishing Protection

Phishing Protection

What is Phishing?

‘Phishing’ is when a malicious person sends an email, text or instant message that looks and sounds legitimate in order to compel you into providing confidential information such as a username, password, bank account number or a PIN.

One of the most common methods of phishing is via email. A phishing email may ask a user to click on a link to verify their account information, open an attachment to view a document, or message, or verify their username and password by replying to the email.

 

 

The following are clues of some common characteristics associated with phishing emails:

  • The email is addressed to a generic recipient.
  • The email projects urgency, prompting the user for immediate action.
  • The email contains an embedded link behind another link or text.
  • The email subject line is uninformative and doesn’t reflect the message content.
  • The email doesn’t include an informative signature.
  • The email prompts you for username and password or other sensitive information.
  • A phishing message may include misspelled words, grammatical errors, or confusing information.

How to Avoid Phishing Scams

  • Refer to our Use of Email Guidelines
  • As a general rule, you should be careful about giving out your personal financial information over the Internet.

Protect your Password

  • You will never be asked for your password by via email – all such requests are fraudulent.
  • Never send your password in an email.

How can I tell if a web page is secured?

There are two general indications of a secured web page:

  1. Check the web page URL – Normally, when browsing the web, the URLs (web page addresses) begin with the letters “http”.  However, over a secure connection the address displayed should begin with “https” – note the “s” at the end.
  2. Check for the “Lock” icon – There is a de facto standard among web browsers to display a “lock” icon in the window of the browser (usually next to the website address).

THE LOCK ICON IS NOT JUST A PICTURE!  Click (or double-click) on it to see details of the site’s security.  This is important to know because some fraudulent web sites are built with a bar at the bottom of the web page to imitate the lock icon of your browser!  Therefore, you should become familiar with the functionality built into this lock icon.  If you browse to your own banks website, you should see the Lock and if you click it you should see it is ‘secured’.

 

Other Helpful Tips:

  • Unless an email is digitally signed, you can’t be sure it wasn’t forged or spoofed.
  • ‘Phishers’ have the ability to spoof and/or forge the https:// that you normally see on a secure Web server and a legitimate-looking Web address, which – again – is why you should always type the web address yourself instead of clicking on displayed links.