One of the most popular online frauds is a phishing fraud. What happens here is that the people running this fraud usually send you an email from a website that you normally trust, such as PayPal, your bank, credit card companies, etc. In the email they tell you that your account information needs to be verified or the account will be closed or you need to update your account info. Many times the email will include a link that will take you to a authentic looking website for you to enter in your information. Most of the information they are asking for is personal and can be used to steal your identity. One of the worst things about the phishing scam is that the emails all look very legitimate and sometimes it is actually really hard to tell if the email is a scam or if it is a legitimate email. But the good news is that there are things that you can do to recognize phishing so that you don’t become a victim. One of the most important things that you can do to spot a phishing email is to learn how to recognize a deceptive URL that is included in the email.
Difficulty rating: Moderate
Step one:
The first thing that you are going to want to do is to look for any major misspellings. Many times one or two words in the URL will be misspelled, which is a signal that the URL is not going to take you to the real website, but it will actually take you to a fake website that is used to steal your information.
Step two:
The next thing that you need to do is to drag your mouse over the URL. Many times the URL will state that it is for a valid company and that is what you see when you look at it. But if you drag and hold your mouse over the URL you will notice that the URL that pops up is different from the URL that you are looking at.
Step three:
Another thing that you can look for to help spot the fake URL is the @ sign in the middle of the URL. The only way you are going to see this is if you actually scroll your mouse over the URL to see the @ sign. But this is pretty much a solid way to tell that the URL is deceptive because legitimate companies will use an actual domain name.
Step four:
The last thing that you can look for to help figure out if the URL is deceptive is the beginning of the URL. Many times URL that are deceptive are going to start with http. Most companies actually use a secure site when you have to enter in your email address and password so if the company is legitimate they will most likely use the start of https. The “s” is what shows you that the website you are going to is a secure site.
Step five:
The last thing that you need to remember is that do not rely on just one of these steps because sometimes there are exceptions to the rules. So you want to pay close attention to all of the other signs, as well as the URL to determine if the email is part of a phishing scam.
Other tips/resources:
One thing to keep in mind is that even though the URL contains the company’s name or something similar that does not mean it is a real website. So whenever you are going to enter in a website you always want to open up a separate browser.
