Identity thieves bait for their phishing schemes in many different ways, often posing as trusted businesses or organizations such as banks or the IRS. Learning how to avoid phishing attacks keeps you from taking the bait and becoming a victim.
1. Take an Active Role
Internet links, phone calls and emails sometimes harbor ill intent. Many phishing schemers attempt to trick you in to giving up personal information like bank account and Social Security numbers. It is important to be extra cautious when information is requested through one of these avenues. For example, if you receive a phone call from someone claiming to work for your bank, hang up the phone and call the number on the back of your debit card.
2. Install Antivirus Software
The best antivirus software programs, such as Bitdefender and Kaspersky, have antiphishing functionality that protects your identity. Install the software on all of your devices, and keep it up to date.
3. Avoid Popups
Many phishing scams involve pop-up screens that ask for information like passwords and zip codes. To prevent identity theft, avoid entering personal data in those popups.
4. Filter Your Emails
Phishing scams might involve email messages that mimic those from legitimate or trusted sources. To protect yourself, look for tell-tale signs of phishing emails, including domains that don't match the supposed source and suspicious threats that attempt to scare you in to taking a specific action.
5. Match Receipts to Statements
Keep the receipts for every purchase you make both on and offline. Then, compare them to your bank and credit card statements when they arrive every month. If you find suspicious charges, report them to your financial institution immediately.
6. Keep Personal Data Out of Correspondence
Don't send your bank account, Social Security number or credit card information via email. If a scam artist hacks your email account, he or she enjoys unrestricted access to every email you have sent. Additionally, consider changing your email password on a regular basis and using unique passwords for every account.
7. Enter Fake Passwords
To test the legitimacy of a website, enter your username and a fake password first. If the site doesn't flag the password as incorrect, you know you've landed on a fraudulent site, and the creators want to capture real passwords. Only take this step once, as some organizations lock accounts after too many failed log in attempts.
8. Practice a Friends-Only Policy
When you receive links, attachments or other media, avoid accessing them unless you recognize the sender. Since email accounts sometimes fall victim to hackers, you might ask the sender about the legitimacy of a suspicious email before you click on links or download attached files.
9. Update Your Browser
Internet browsers depend on regular updates to guard against the latest known threats. When your browser prompts you to update, don't put it off, as this reduces internet surfing security.
10. Conduct Some Research
When an unfamiliar number shows up on your phone, run a quick Google search to determine its origin. If someone else has received a similar phone call, they might have posted about it online. The same goes for searching based on the text of a fishy email.