Have you ever received an email with a subject line “Click here to claim your million dollars,” or “ATTENTION: Your Credit Card has been breached.”?
Chances are, you have. And while these types of emails provide a sense of urgency for you to react to, it’s likely they are not real, but rather part of a phishing scam.
What is Phishing?
Phishing scams are deceitful messages that seem to come from legitimate sources such as your bank, your internet provider or even school.
These messages direct you to provide private information such as your credit card, social security number, address, telephone number, and more. The scammers then use this information to commit identity theft or to add malware to your computer.
Why would someone try to hack me?
Often scammers are information collectors. They do not necessarily use that information for themselves. They sell the information online to people who are willing to pay for new identities, banking information, health information, and more.
What kind of email phishing scams are there?
Email scams can range from something as simple as a credit card stolen warning, but can range to something as complex as Ransomware.
Ransomware is malware for data hijacking, an abuse in which the hacker encrypts the victim’s data and holds it hostage until a fee is paid. This type of malware spreads through e-mail attachments, infected programs, and compromised websites.
How can you tell the difference between a legitimate email and a phishing scam?
It’s probably a good idea to be suspicious of any email request for sensitive information or links in an email without much information. If a prince from Saudi Arabia wants to give you his millions because he found out you’re a good person and you have never heard of him before, it’s best to block this user.
Pay attention to who is sending you the email. Often times email addresses can be very “phishy.” They may have complex email addresses like P1x3L.StR4T3Gy@NTRT1CA.org.com, or come with attachments.
How to Avoid Phishing Scams
Be suspicious of any email message that asks you to enter or verify personal information through a website or by replying to the email itself.
Never reply to or click the links in a message. If you think the message may be legitimate, go directly to the company’s website (i.e., type the real URL into your browser) or contact the company to see if you really do need to take the action described in the email message.