Print this Page

Send to a Friend

Share on Facebook

Share on Twitter

Cybersecurity Alert - How to avoid a phishing attack

According to Wikipedia, "Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication..."

Here are six tips on how to spot phishing attacks and prevent the bad guys from stealing your credentials, identity, credit cards and money.

1. The email has misspellings or grammar errors

This is one of the most common signs that an email is a phishing attack. Often, it is easy to spot, such as 'Dear Amazon Costumer' instead of 'Dear Amazon Customer.'

They can be more difficult to spot, so make sure to look at the email closely. For example, the subject line of the email might read "Health coverage for the unemployeed." No legitimate company would send out a marketing email with a spelling or grammar error. So when in doubt, check the email closely for misspellings and improper grammar.

2. The web address or hyperlink is different from the one shown

The hyperlink or URL in a phishing email may include the name of a legitimate organization. But when you hover the mouse over the link (without clicking it), you may discover in a small pop-up window that the actual URL differs from the one displayed and doesn't contain the bank's name. Similarly, you can hover your mouse over the address in the 'from' field to see if the website domain matches that of the organization the email is supposed to have been sent from.

3. The email urges you to take immediate action or else!

Often, a phishing email tries to trick you into clicking a link by claiming that your account has been closed or put on hold, or that there's been fraudulent activity requiring your immediate attention. Of course, it's possible you may receive a legitimate message informing you to take action on your account. To be safe, though, don't click the link in the email, no matter how authentic it appears to be. Instead, log into the account in question directly by visiting the appropriate website, then check your account status.

4.The email says you've won a contest

A common phishing scam is to send an email informing you that you've won the lottery or some other prize. All you have to do is click the link and enter your personal information online.

5. The email asks you to make a donation

Scam artists often send out phishing emails asking you to donate to a worthy cause after a natural or other tragedy. For example, after Hurricane Katrina, the American Red Cross reported more than 15 fraudulent websites were designed to look like legitimate Red Cross appeals for relief efforts. Potential victims received phishing emails asking them to donate to the Red Cross, with links to malicious sites that stole their credit card numbers. If you'd like to make a donation to a charity, do so by visiting their website directly.

6. The email includes suspicious attachments

It would be very unusual for a legitimate company to send you an email with an attachment, unless it's something you've requested. If you receive an email that looks in any way suspicious or you are unfamiliar with the sender, never click to download an attachment, as it could be malware.


When browsing or accessing sites via email always use a password application like Webcloak's SafeKeeper and always browse safely and securely with Webcloak's SafeWeb secure and anonymous browser.

Take back the Web with Webcloak for a simple, safe and anonymous Internet!

Visit for more information.