With fishing, a good fisherman knows that it's all about the bait. Whether or not to choose live bait, the type of bait, and the amount depends on the type of fish that the fisherman is trying to catch.
With "phishing" however, the "fisherman" is actually a scam artist who simply wants to catch any fish - personal information - and will use any baiting method to trick you into giving up your info.
Have you ever been a victim of a phishing scam? If so, then you're already familiar with the ruinous consequences. But for those of you who don't know how damaging a phishing scam can be, consider the fallout experienced by a phishing victim:
A Facebook user is warned that she needs to verify her account information immediately or her account will be closed. A rather official looking email requests her account details, including her email address, password, security question and answer, and other details. After providing the information, the user began to feel suspicious of the request but it was already too late. The woman's account was hacked, her personal information was compromised, and ultimately, the phisher was even able to access one of her debit cards.
How can you avoid falling for a phishing scheme? Follow these three basic rules and avoid being tricked:
- Don't be phased by how important, urgent, or scary an email sounds. Ignore it. Rather than clicking the "reply" button, go directly to the website of the company that email is supposedly from.
- Remember that legitimate companies rarely (if ever) ask for your username, they never ask for your password, and there should be a lock icon in the address bar of your browser window if you're asked to enter sensitive information.
- Don't do anything if you're in a hurry. Don't rush through the email or get inpatient trying to uncover the truth. Taking your time can prevent disastrous decisions.