While this could be an easy task for someone, it can be a hard task to others. In order to be able to differentiate between the two, build a habit of reading as many tips as you can regarding internet scams. No one can say they have qualified in this subject as phishing tactics change almost every day. Keeping yourself abreast of these new ways will save you out of a lot of troubles.
- Do not reply to any message coming from a person unknown to you. Do not reply even to a person you know if you are suspicious that the contents of their message seem unrelated. It is sound too good to be true, it probably is.
- Do not provide any personal information such as your date of birth, place of birth, nationality, bank account number, password(s), telephone number, social security number (SSN or SS#), TIN, passport ID # etc. There is no legitimate business that will just ask you for this information especially when you have already provided it in the past during registration. Be sure by calling them and asking if they wanted your information. When calling, do not use the number in the email which says call this # instead, go to the bank or company's OFFICIAL website and get the customer service number from there. Sometimes, spammers could give you a number to call and they will pick and give you wrong answers, their goal being to mislead you so that you give them your information.
- Do not click on any URL address link inside an email message, instead, point your mouse on it, then read the words which shows up at the bottom, left corner of your browser. This will help you see if the URL is pointing to what is being talked about. Even when the URL is correct, the best way to access it is by copying the URL and pasting it on your browser's address location bar. Sometimes, pasting the URL link address on search engines may give you results for genuine and false links.
- Do not trust all shortened URL. Use websites such as www.untiny.me or sucuri.net which can uncover the URL and show where it really points.
- Do not call any telephone number in order to provide your information over the phone. Some scammers can mask their numbers so that it is impossible to tell where the call is being routed.
- Do not open any attachment you receive, even if it is coming form a person you know but you didn't expect. Call them (if possible) and ask for details or keep quiet and if it is important, they will send again the attachment or call you to ask whether you received the attachment or not and what it was in it.
- If you live in a country where their mode of transaction is through credit or debit card, make sure you review your account statements regularly to ascertain bank activities. If you see even a single cent deducted from your account without clear clarification, call or visit your bank to report and ask for clarification.
- Make sure you are using secure and encrypted website whenever necessary especially when providing sensitive information. The way to know if a site is encrypted or not is by looking at the browser's address to see if the prefix http has an 's' at the end of it, i.e https and not just regular http. The 's' denotes 'security' or 'secure' feature.
It is reported that, people who spent at least 15 minutes playing the Anti-Phishing Phil game were better able to identify fraudulent websites than people who spent the same amount of time reading traditional anti-phishing tutorials.
- Follow this link: wombatsecurity.com/antiphishing_phil and click on the words saying ‘Play!’
- Click on this: SonicWALL Phishing IQ Test and test yourself. When you have completed the test you’ll get a score along with a chance to see “why” a question was a phish or legitimate.
- Microsoft - office.microsoft.com/en-us/help/HA012300411033.aspx
- USA Government FTC - ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
- USA Government OnGuard Online - onguardonline.gov/index.html
- SANS Institute, Security Awareness tip -sans.org/tip_of_the_day.php?utm_source=web-sans