The problem with phishing emails is that the people who send them out actually spend time on them to make them look legitimate. They often include graphics and logos that are either created to look like those of the real company or are stolen from the real company. The link URLs included in the email, as well as the sent-from email address included in the email often look legitimate as well.
Most businesses have caught on to identity thieves using their online services to try to steal personal information from people; and they have begun to fight back by publishing articles on their web sites that, if followed, will help their customers identify a phishing email that claims to be from them. Although the advice varies from company to company, many of them follow these same basic guidelines:
- No legitimate business will ever send an email that specifically requests your personal information, such as your password or username.
- Most businesses have a particular email address and browser address that they use for verification purposes and do not, under any circumstances, use a different email address to send notifications or have a different browser address.
If in doubt, be very cautious when reading or replying to emails that:
- Ask you to enter any personal information (such as your account password, bank account number, PIN, credit card number, or Social Security number).
- Address you as anything other than your full name.
- Is unable to confirm their legitimacy by providing you with your information.
- Use scare tactics, such as telling you that your account is going to be closed or that you have been a victim of fraud, to try to coerce you into following their links.
