“Phishing” emails have become a common nuisance in modern life. Phishing is contact, often email, by someone posing as a legitimate institution to trick people into providing sensitive information. It used to be easy to spot these emails from a mile away. The “from” email address would be odd, the graphics wrong, and the body of the email would be littered with spelling and grammar mistakes.
Unfortunately, the bad guys have gotten smarter. Those easy and obvious clues have been replaced by sophisticated tactics designed to confuse and fool users into giving away key data like email passwords, social security numbers, and bank account information. So then, what can you do to protect yourself?
Use Common Sense – If you get an email from Bank of America but you use a different bank, hit delete. The same goes for an email from UPS when you don’t have any deliveries due.
Don’t Click the Link – Instead of clicking within the email, go to the company’s website to either log in or get their helpline phone number. If it’s there’s an actual issue, you should be able to get the information you need this way as well.
Know the Rules of Engagement – A frequently spoofed group is the IRS because of the breadth of their work. The IRS, as they do their best to publicize, will not contact you via phone or email. They send notices via the US Postal Service. The IRS will not call or email you with an urgent matter.
Certainly, the tips above aren’t exhaustive, but they are a good start. As the scammers get more sophisticated, we the users will have to adjust as well.