If you’ve been confronted with a message like this, you may have been the victim of an attempted scam.
There are many ways cyber-criminals try to gain access to your personal information, but there are usually ways of noticing that something mischievous is going on – as long as you know where to look. One of the more nefarious ways for hackers gain access to your information is a method called phishing. A criminal will typically send you an email that is disguised to look official, like a message from your internet service provider or some government organization. Generally there will be a link in the email that sends you to a website which will ask for personal information, such as your credit card number or social security number. Once you put in the information and submit it, the criminal has all the data.
There are a number of ways to detect phishing scams. First, stay calm and ask yourself: Does it make sense that your internet service provider is asking for your social security number? Most companies will not send out emails that blatantly ask for personal information, and if they do, they will usually go above and beyond to show you that it’s legitimate. Pay attention to logos and signage in the email and on any websites that are linked to it. If they look suspicious in any way, consider calling the company first to confirm that the message you received is authentic. In general, never click on links in emails that you were not expecting to receive.
Additionally, look at the addresses of the email’s sender and any websites that are linked. For example, if the message is supposed to be from a government agency, the email address should end in “.gov”, not “.com” or “.net”. Also, if a website is asking for personal information, it will typically be secured using encryption. You can tell just by looking at the address bar; if the address starts with “https” as opposed to “http”, that means the website you’re looking at is secure. However, this alone should not convince you the website is legitimate. You should take into account all of the previously mentioned factors when trying to determine an email or website’s authenticity.
Finally, let’s talk about passwords. We all hate them and wish Apple would hurry up and install fingerprint readers and retina scanners in all their devices, but for now, we have to deal with them. There are a number of strategies for maintaining secure passwords, the first being that you should not have the same password for every website. Imagine having the same lock on your house, your car, and your safe deposit box. Once a criminal gets the key to one thing, he has access to everything. The best practice is to have unique passwords for every online account, especially sensitive ones like online banking and email accounts. For maximum security, those passwords should have at least eight characters, contain a mix of letters and numbers, and should not contain any words that could be found in the dictionary
Naturally, with so many unique passwords, you may have trouble remembering them all. That’s why it’s also important to have secure records of all your passwords. No, writing them down in the Notes app on your iPhone/iPad is probably not a good idea, especially if the device does not have a passcode set up. If you want to go the digital route, consider using a third-party app like 1Password (available on the App Store for Mac or iOS). This App stores all your passwords securely using encryption, and allows you to set up a single “master password” that can then be used to unlock and access all the others. As long as the master is a secure, hard-to-guess password, there is very little risk of anyone being able to steal your information.
Hopefully these tips will help keep you safe in the future as you navigate the wonderful – but sometimes chaotic – world that is the internet. You can think about it like walking around a big city late at night; as long as you stick to streets you know and keep a sharp look out for any suspicious activity, you should be just fine.
For further reading on best practices and internet security, check out the following websites: