Tuesday, July 24, 2007

10 Tips to Avoid Phishing Scams

Whenever you're about to interact with a financial Web site or a site that asks for personal information, use the following tips to steer clear of phishers:

  1. Always type the address of the site you want to visit directly into your browser. Phishing e-mails use addresses that look legitimate but send you to the fake site when you click.
  2. When you visit the site, be alert to spelling and grammatical errors, bad formatting and spacing and strange or inconsistent use of company logos. Phishing sites often make these kinds of mistakes.
  3. Don't be fooled by the presence of genuine links and telephone numbers. Fake sites often include some accurate information to help trick people.
  4. Security certificates (the lock icon representing "SSL") can be spoofed. If something doesn't feel right about the site, don't let your guard down just because you see the certificate.
  5. Be especially suspicious of e-mail containing urgent warnings about account problems. These are designed to panic people and make them ignore their common sense.
  6. Don't assume that an e-mail is legitimate even if the sender's name appears to be the name of a legitimate institution. The "From" field in an e-mail can be faked to look legitimate.
  7. Scammers use the address or URL to trick you by hiding their true nature at the end of a long address (e.g. http://login.realfinancialinstutionname.actualphishingsite.com). When in doubt, call the institution for assistance before providing any personal information online.
  8. Be cautious about using your main e-mail address to sign up for Web offers. Some sites allow addresses to be picked up by phishing gangs. McAfee's free SiteAdvisor tool warns you about sites that resulted in unwanted e-mail.
  9. Use a stand-alone spam filter or a security suite with a built-in spam filter from a well-known vendor like McAfee to reduce the number of phishing e-mails that make it to your inbox.
  10. Use a browser with built-in phishing protection like Internet Explorer 7 or Firefox 2, and add additional anti-phishing by using the free McAfee SiteAdvisor plug-in.

No comments: