What is phishing?
Phishing is an attempt to steal sensitive information, such as your social security number or passwords, by posing as a trusted company. It is most commonly attempted via an email that will claim to come from a trusted company, such as your bank or your credit card company. If you follow the links provided in the email, you will appear to be providing your information to the trusted company, while in fact you will be providing that information to a phisher. Phishers are known for using this information for identity theft and other fraudulent acts.
How do I recognize phishing?
Phishing attempts are getting more and more difficult to recognize. There are some general rules of thumb that can help you identify them.
First, companies should not ask you any sensitive information via email. Legitimate companies that require sensitive information from you will typically send you a physical letter or require that you come in to their place of business to confirm your identity. If an email contains a link that you can click on, you should be suspicious.
Second, if the information request appears to come from a company that you do use, such as your bank, and you are unsure if it is a phishing email or not, give them a phone call instead of following the link in the email.
Third, almost any company that can contact you via email could also contact you via phone. Despite whatever consequences of not responding are listed in the email, consider not responding. Almost all large companies, especially financial institutions, will attempt to contact you through a means other than email before taking any action against your account.