As a review of best practices, this week we focus on the pitfalls of phishing. It’s nothing new, but sometimes it helps to have a reminder. If you open an email or text, and see a message like:
“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
“Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
The senders are phishing for your information so they can use it to commit fraud.
The best course of action is to delete the email and text right away. Legitimate companies don’t ask for personal information via email or text.
The messages may appear to be from organizations you do business with – banks, for example. They might threaten to close your account or take other action if you don’t respond.
Don’t reply, and don’t click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.
If you’re concerned about your account or need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.
To avoid a phishing attack:
• Use trusted security software and set it to update automatically.
• Only provide personal or financial information through an organization’s website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the “s” stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
• Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.
For more useful tips on information safety, please visit www.hvshred.com