Phishin’?  You’re probably asking yourself, “doesn’t this so and so have spell check?  It’s spelled f-i-s-h-i-n-g and it’s an enjoyable (sometimes) pastime!”  I know how to spell fishing, though I haven’t been in years.  The word “phishing” means something completely different but also, strangely enough, the two are quite similar. 

We live in the digital age.  Most everything we have, use, or do has something electronic that makes it easier.  In the workplace and at home, writing letters and sending faxes have been replaced by sending emails.  If you asked random people on the street, I’d wager that 99% of them have an email address.  It’s the norm for communication now.  It’s a great tool that we can carry in our pocket and reach out to anyone at any time and get an almost immediate response.  What could be the down side!?

Have you ever watched the show Lost in Space from the 60’s?  Whenever there was an impending threat, The Robot (or Robot), would alert the character Will Robinson by simply exclaiming, “Danger, Will Robinson!”  That’s where we’re at with electronic communication.  We need a robot helper in our inbox to shout, “Danger, insert name here” whenever we check our email.

What does this have to do with phishing?  To answer this, let me explain what phishing is.  Phishing is the attempt to acquire sensitive information such as usernames, passwords, and banking information (credit card info, debit card info, account info ,etc.), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication (Wikipedia).  I’m sure you remember the days when you’d receive a message from a “Nigerian prince” offering an untold fortune if you’d just wire them some money for assistance.  Most everyone knows that these are scams nowadays. 

Phishing emails have come a long way and are much more sophisticated today.  Have you ever received an email from a package delivery company that looked spot on but don’t remember ordering anything?  Have you received an email from a company you deal with but are unsure why you’ve received it?  Hackers and scammers are able to create emails that look almost indistinguishable from legitimate emails for the sole purpose of stealing your information. 

“How do I protect myself?” 

• Think before you click – It’s ok to click on links when you’re on trusted sites. Clicking on links that appear in random emails and instant messages, however, is never a good idea. Hover over links that you are unsure of before clicking on them. Do they lead where they are supposed to lead? A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website but it’s actually a phishing site.  It’s better to go directly to a site than click on a questionable link.
• Verify a site’s security – It’s natural to be a little wary about supplying sensitive financial information online. As long as you are on a secure website, however, you shouldn’t run into any trouble. Before submitting any information, make sure the site’s URL begins with “https” and there should be a closed lock icon near the address bar. Check for the site’s security certificate as well. If you get a message stating a certain website may contain malicious files, do not open the website. Never download files from suspicious emails or websites. Even search engines may show certain links which may lead users to a phishing webpage which offers low cost products.
• Check your online accounts regularly – If you don’t visit an online account for a while, someone could be have a field day with it. Even if you don’t technically need to, check in with each of your online accounts on a regular basis. Get into the habit of changing your passwords regularly too. To prevent bank phishing and credit card scams, you should personally check your statement regularly. Get monthly statements for your financial accounts and check each and every entry carefully to ensure no fraudulent transactions have been made without your knowledge.
• Keep your browser up to date – Security patches are released for popular browsers all the time (Internet Explorer, Google Chrome, Mozilla Firefox, Safari, Microsoft Edge, etc.).  They are released in response to the security loopholes that phishers and other hackers inevitably discover and exploit. If you typically ignore messages about updating your browsers, stop. The minute an update is available, download and install it.
• Be wary of pop-ups – Pop-up windows often masquerade as legitimate components of a website. All too often, thought, they are phishing attempts. Many popular browsers allow you to block pop-ups; you can allow them on a case-by-case basis.  If one manages to slip through the cracks, don’t click on the “cancel” button; such buttons often lead to phishing sites. Instead, click on the small “x” in the upper corner of the window.
• Never give out personal information – As a general rule, you should never share personal or financially sensitive information over the internet. This rule spans all the way back to the days of America Online, when uses had to be warned constantly due to the success of early phishing scams.  When in doubt, go visit the main website of the company in question, get their number and give them a call. Most phishing emails will direct you to pages where entries for financial or personal information are required. Confidential entries should never be made through the links provided in the emails. Never send an email with sensitive information to anyone. Make it a habit to check the address of the website. A secure website always starts with “https”.
• Use antivirus software – There are plenty of reasons to use antivirus software. Special signatures that are included with antivirus software guard against known technology workarounds and loopholes. Just be sure to keep your software up to date. New definitions are added all the time because new scams are also being dreamed up all the time.

Be vigilant and on guard.  It is our duty as the users of technology to be on our toes and look out for the bad stuff.  Knowledge is power.