Protect Yourself From Phishing Scams

It's Easy to Avoid Becoming a Phishing Victim

Woman wearing glasses working on computer
Jamie Grill/Getty Images

Phishing attacks have become more sophisticated, and users need simple steps they can use to protect themselves from becoming victims of phishing scams. Follow these steps to avoid being a victim and protect yourself from phishing scams.

Be Skeptical of Emails

It's always better to err on the side of caution. Unless you are 100% sure that a particular message is legitimate, assume it is not. You should never supply your username, password, account number or any other personal or confidential information via email and you should not reply directly to the email in question. Ed Skoudis says “If the user really suspects that an e-mail is legit, they should: 1) close their e-mail client, 2) close ALL browser windows, 3) open a brand new browser, 4) surf to the e-commerce company's site as they normally would. If there's anything wrong with their account, there will be a message at the site when they log in. We need people to close their mail readers and browsers first, just in case an attacker sent a malicious script or pulled another fast one to direct the user to a different site.

Not Sure if it's Phishing? Call the Company

An even safer means of verifying if an email regarding your account is legitimate or not is to simply delete the email and pick up the phone. Rather than risking that you may somehow be emailing the attacker or misdirected to the attacker’s replica website, just call customer service and explain what the email stated to verify if there is truly a problem with your account or if this is simply a phishing scam.

Do Your Homework 

When your bank statements or account details arrive, whether in print or through electronic means, analyze them closely. Make sure there are no transactions that you can’t account for and that all of the decimals are in the right spots. If you find any problems contact the company or financial institution in question immediately to notify them.

Let Your Web Browser Warn You of Phishing Sites

The latest generation web browsers, such as Internet Explorer and Firefox come with built in phishing protection. These browsers will analyze web sites and compare them against known or suspected phishing sites and warn you if the site you are visiting may be malicious or illegitimate.

Report Suspicious Activity 

If you receive emails that are part of a phishing scam or even seem suspicious you should report them. Douglas Schweitzer says "Report suspicious e-mails to your ISP and be sure to also report them to the Federal Trade Commission (FTC) at".

Editor's Note: This article was edited by Andy O'Donnell