By definition, Phishing is a form of Internet fraud aimed at stealing valuable information like credit card numbers, user IDs, account information, and passwords. It is usually combined with a warning that your information or account may be in jeopardy, and will come with images and information making you think the source is a legitimate institution.
Almost all Phishing scams come in the form of an email.
The email will be from a bank or financial institution telling you things like your account is overdrawn, your information may be at risk, your password is about to expire, or some other “security” related issue. The message then asks you to click a link and log in to your account to verify the accuracy of the information. It will try to scare you with comments that your account may be closed if you don’t respond in a certain time frame, or make you believe there is some other, urgent reason for you to have to log in to your account.
The email will even use the same colours, layout and logo from your financial institution. But while it looks valid enough, be warned. Financial institutions will not contact you by email if there is a problem with your account. They will phone you.
As well, most Phishing emails use a generic header, such as “Dear valued customer” or “Dear account holder”. Your financial institution would know your name if they are contacting you directly.
The purpose of a Phishing scam is to panic you into clicking on the link and entering your information.
Always be suspicious of an email that asks you to click a link to log in.
Here is a great explanation of Phishing scams by the folks at CommonCraft.