Always be careful and aware when you’re online – Without the ability to con an individual, technology itself will now be able to successfully scam money out of a persons bank account or credit card. Though there is some technical vulnerability which may aid the con process, it is nearly always down to the vigilance and care of the individual to prevent a con.
Be careful where you use your e-mail address online – One way to avoid financial phishing is to keep your e-mail address private, and not to use it too frequently online. By limiting where you use your e-mail address when registering for different websites etc. you can keep limited the chances of your address being used by scam artists who might get their hands on your address. It may be an idea if you do register frequently for different sites to have a special e-mail address for that purpose, and therefore limit the exposure of your “proper” e-mail address to scammers.
Don’t get upset or worried about the tone of an e-mail – If you receive what looks like a threatening e-mail from your bank, you don’t have to react immediately – when have you ever known a financial institution to react instantaneously? Wouldn’t you expect to receive a letter through the post? Didn’t you receive your online banking credentials through the post originally? If there are any problems, won’t you receive them in the same way next time around? Scam artists depend on getting people upset so they won’t think things through logically in the home that they will react instantaneously. Don’t fall into this trap – think things through.
Don’t give out information that your bank should already have – Phishers will ask for sensitive information that the real company would already have, such as usernames, passwords, credit card numbers, and so on. Your real financial institution will most likely have your real name. Never fill out forms in e-mail that ask for personal information. Give sensitive info only over a secure Web site or by telephone.
Never use an e-mail link to access financial websites – Access the site directly by typing the address into the address bar or use your bookmarks. Scam artists can make links look realistic but which will still take you to a false website. Phishers can make e-mail links do any of the following nasty tricks: Take you to the legit site but sneak in a pop-up window from a phisher’s site that asks for personal info. Or they can direct you to a site that is very similar to the real site where it’s hard to tell the difference.
Look out for errors or mistakes – Is your name spelt correctly? Or is it in an unusual format? Phisher e-mail is generally not personalized, or if it is, contains only the same name you use in your e-mail address. Check the grammar and spellings in the text of the e-mail. Check the name of the financial institution in the e-mail – is it exactly the name of the institution as you normally recognise it?
Always ensure that any site you access is properly secure – Usually, you can tell if you’re on a secure server if the URL begins with https: instead of http: and if you see the security symbol locked in your browser. But phishers can get legitimate-looking certificates and fool people, as happened recently to a credit union in Utah. If you get a warning about a site’s security certificate, read it. If the certificate isn’t valid, don’t go there. Don’t rely entirely on the fact that a URL begins with https:.
Check your accounts balances regularly – Don’t go more than a month without logging in to an online account to check activity. Pay attention if the account tells you when the last time you logged in was. Is that when you really did last log in? The more you check the better. Check your statements from financial institutions, too. If you ever see suspicious activity, contact your bank and card issuers immediately.
Keep your software updated and secure – Keep your browsers and operating system up-to-date with the latest security patches. Windows XP can automatically patch your system, if you set it. If you use Internet Explorer, you should download this patch immediately if you haven’t already. Use antivirus and anti-spyware apps and firewalls and keep them current. Check out the use of personal firewalls as an extra level of security on your machine.
Make sure you use the security features in your software – Tools such as pop-up blockers can be useful in protecting yourself from scams. While sometimes you may think that you’re accessing a site where it’s okay to allow pop-ups, you should make sure that it’s always active.
Don’t respond to phishing e-mails – By responding to such e-mails, you’re letting the scammers know that your e-mail address is active and valid. This will then open you up to a barrage of further e-mails attempting to con you.
Reassure yourself that you’ve identified a scam e-mail – Search the web for the text of the e-mail that you’ve just received – chances are that if it’s dodgy, other people will have reported it, or highlighted it elsewhere online as well.
Block future e-mails from this source – Once you’ve satisfied yourself that you’ve received a phishing e-mail, use the blocking feature in your e-mail application to block any further e-mails from that address. They’ll in future be blocked from your inbox, and won’t cause you any bother in the future.
Use your common sense – Are you expecting an e-mail communication from your bank? Have you even allowed them to use e-mail as a means of communicating with you? When was the last time you accessed your online accounts – were there any problems or issues then? Have you received multiple e-mails all at the same time telling you the same thing – this is a common tactic of some phishing scams.
If in doubt, do nothing – You can always ring up your banks telephone banking service and see if the e-mails you’re receiving are legitimate.