Phishing is an online con game, and phishers are nothing more than tech-savvy con artists. In a typical phishing scam, phishers send out emails, which appear to come from a legitimate company, in an attempt to scam users into providing private information that will be used for identity theft.
Phishers use a variety of sophisticated devices to steal information—including pop-up windows, URL masks which simulate real Web addresses, and keystroke loggers that capture account names and passwords.
To protect yourself against phishing, follow these basic guidelines:
- Be wary of emails asking for confidential information—especially of a financial nature. Legitimate organizations will never request sensitive information via email.
- Don’t get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
- Familiarize yourself with a Web site’s privacy policy.
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them.
- Never submit confidential information via forms embedded within email messages.
- Never use links in an email to connect to a Web site. Instead, open a new browser window and type the URL directly into the address bar.
- Maintain effective software to combat phishing. Norton Internet Security automatically detects and blocks fake Web sites. It also authenticates major banking and shopping Web sites.
used with permission from Norton by Symantec