They want your passwords. Hackers use a technique called phishing to get you to hand them over without realizing it. The technique is simple and clever, but if you know the simple things to look for then you’ll never be duped.
How Phishing Works: Hackers send you an email that appears to be from a reputable source, such as PayPal or Facebook. The message informs you of some urgent reason you need to log into your account on this site, and it provides a link. The link they provide, though, goes to an imitation of the real site, such as a fake Facebook. These pages can be almost exact copies of the real site. And when you enter your username and password into this fake site, you have just given the hackers your password.
Even worse, most of the victims of this trick don’t even know it happened – until they see the consequences. Common objectives of hackers range from stealing your cash to using your Facebook account to tell all your friends how much you love Viagra or some other such product.
These attacks are on the rise and more and more people are getting tricked by them, so I’m going to show you how to quickly and easily spot them. Here is an example of an email I received containing a phishing attempt for my Facebook password:
It says I have missed activity on Facebook, five friend requests in fact, and it provides a link for me to follow. Here’s how to tell if an email is a phishing scam.
Perform this check on all emails with links:
- Check the link: Hover your pointer over the link and a small window will appear revealing the address this link goes to. We see in the above example that this link clearly is not to Facebook.com. (The above image is taken from Microsoft Outlook. If you are using web-based mail such as Gmail, watch for the pop-up in the lower left-hand corner of your web browser.)
- Check the sender’s address: Look at the address this email came from. The domain name should match the web site. For example, we would expect an email from Facebook to come from firstname.lastname@example.org. The from address can sometimes be faked, though, so even if they match we still
- When in doubt, do not click any links in emails. Instead, open your web browser and type the address of the site you want to visit manually, e.g. Facebook.com.