The subject of phishing has been coming up more and more in the news lately, but how much do you really know about this topic? How easy would it be for a scammer to gain access to your personal information, just by sending you an email? Do you know how to recognize a legitimate email, as well as a phishing email? What exactly is phishing, anyway?

Phishing is a criminal process in which scammers masquerading as legitimate businesses attempt to gain access to your personal or financial information. They send emails posing as a member of a business, bank, or other institution, asking for financial information or passwords. Phishing emails can often look alarmingly real, and may appear to be from reputable companies, such as eBay, PayPal, online stores, etc. They generally contain a link that appears to be legitimate, but instead takes you to a site the scammer uses to harvest personal information like passwords, account numbers, and other identifying information.

To avoid being the victim of a phishing attempt, never enter your personal information into a form you access from an email. For example, if you receive an email from eBay asking you to click a link and then enter your personal information, it is most likely a phishing attempt – even if the site looks similar to the eBay site. Instead, go to your account, log in, and look for any messages they may have for you. If there are none, contact the company and ask if the email is legitimate.

Most stores and online banks clearly state in email that they send that they will never ask you for your password. However, scammers have become aware of this, and may send similar warnings in their own fraudulent emails. Be very wary of links sent through email – if you have any doubt, log out of your email program and type the link for the business in manually.

Suspicious emails may include misspelled words, poor grammar, unfamiliar links, or a logo that doesn’t quite match up with the original site’s. Keep an eye out for greetings like: dear user, dear account holder, or other generic greetings. Legitimate emails will often greet you by name or user name. Many phishing emails also include threats to encourage the reader to act, such as stating that their account is about to be suspended. If you are unsure about any email, forward it to the site it appears to be from, and ask them to verify that it is legitimate. PayPal, for example, runs an active anti-phishing campaign.

Have a great day!