Often posing as a request for data from a trusted third party, phishing attacks are sent via email and ask users to click on a link and enter their personal data. Phishing emails have gotten much more sophisticated in recent years, making it difficult for some people to discern a legitimate request for information from a false one. Phishing emails often fall into the same category as spam, but are more harmful than just a simple ad.
HOW DOES IT WORK?
Phishing emails include a link that directs the user to a dummy site that will steal a user’s information. In some cases, all a user has to do is click on the link.
HOW CAN I PREVENT IT?
Verify any requests from institutions that arrive via email over the phone. If the email itself has a phone number, don’t call that number, but rather one you find independently online or within documentation you’ve received from that company.
Most companies are adamant that they will not ask for personal information via email. At the same time, most companies strongly recommend that users not make sensitive information available.
While it might seem like a pain to make a phone call to find out if something is legitimate, the hassle of having your Social Security number or PIN stolen is worse.