This holiday season, buyers everywhere will flock to the Internet to rack up savings on deals and avoid the hassles of shopping in malls and department stores. Unfortunately, shopping online without using caution can lead to great headaches due to the prevalence of criminal activity. One of the most devastating identity theft techniques comes in the form of email phishing.
Phishing involves the use of phony links, emails and websites for the purpose of gaining access to sensitive consumer information — usually by installing malware on the target system. This data is then used to steal other identities, gain access to valuable assets and overload inboxes with email spam.
In addition to affecting desktop computers, a mobile device does not mitigate phishing attempts. As with the SMS notifications, if you feel the email could be legitimate, log directly in to that account and do not click the link.
Currently there exists a misconception amongst consumers that phishing is not something that could happen to the average user. However, it was recently reported in the APWG Phishing Activity Trends Report that as of June 2013, 38,110 websites were identified as hosted phishing domains. To make matters worse, as many as 425 brands were recently targeted by phishing attempts.
The following tips can help you avoid the pitfalls of being targeted by phishing campaigns during the holidays:
1. Trust your spam filter
Browsing through your junk email box is important as your spam filter might occasionally send important emails to the trash. However, more often than not an item is sent to the spam filter because it is dangerous and filled with malware. Trust your spam filter. If an important email winds up there, you can always ask a user to re-send the information. To protect your critical information, avoid clicking on ANY links from an email sent to the spam box.
2. Beware of misspellings in email subject lines
When you get an email with incorrect or misspelled names, or the email is a grammatical disaster, there is strong likelihood that it could be a phishing attempt. These emails are not hard to identify. Chances are, if you get an email from an official company and it looks like an individual with a poor grasp of the intended language wrote the content, do not click or open it.
3. Look out for random or misspelled hyperlinks
If you are presented with a link that is shortened and contains jumbled letters — or appears to take you to a nefarious website — these are common signs of phishing. Always examine the link before you click on it to avoid clicking on malware and infecting your computer. A helpful way of avoiding malevolent links is to investigate the website in question by safely performing a Google search.