When hackers go on a “phishing trip” they are going out trying to get you to give them your username/password, and it all starts with an email.
Now, of course, you’d never do that. You’re way to smart for that… aren’t you.
A Phishing attempt however knows that you are smart, and will try to tell you something is wrong with your account, or you need to check your account because they saw some irregular activity.
Their email looks legitimate, and they’re using your bank, Amazon, etc logo. And while they link they provide will take you to a page that looks like eBay, PayPal, etc, it is actually owned by a hacker, and they will collect your user name and password if you give it to them.
If you enter it, it might give you an “error” page, or tell you that your account is unlocked, but in reality, they are just collecting information, and since so many people use the same user name (usually an email) and password, they can then start to try to hack every other account that they really want.
Ways to check against a phishing attempt:
- Do you have an account with them? (I get attempts for my Apple account, but I don’t have any Apple products)
- Do they have obvious spelling/grammar errors?
- How urgent does it sound? (The more urgent, the less likely it is to be real.)
What should you do:
- Go to the bank/company/etc page in your browser. (Do NOT use the link in the email), check their home page. Does it offer warnings, if so change your account info there, not from the page that they link you to.
- Delete the email.
- Go get a coffee, or your other favorite beverage and relax knowing you’re OK.
What if you fell for it though. I know some are convincing, and I’ve almost fallen for a few myself… well, log in to your actual account and change your password. If you have other accounts with the same username/password, change those passwords as well. Need a random password, use our random password generator to help you make some up.
Make sure your passwords are unique to the website, and use a password manager if you need to.