Phishing is a type of fraud that involves email messages designed to redirect users to malicious websites especially designed to steal banking data from unwitting users. In this way, “phishers’ can steal passwords and personal details to spoof users’ identity and use it fraudulently. They use the name and corporate image of real companies in order to gain users’ confidence and carry off the fraud. To avoid this, it is vital to make sure that all transactions are carried out in secure environments.
The first aspect to take into account is the fact that your bank will never contact you via email to ask you for any passwords. You should delete any messages that you receive asking for your personal details, or including a link that takes you to a web page where you are prompted to enter them. Most probably, these are fraudulent messages.
Make sure that the web page that you are visiting actually belongs to the bank that you want to visit. Pay attention to the web page domain, and check that there are no differences with the real domain of your bank’s web page. Make sure your connection is safe. To do this, check that there is a little closed padlock displayed on the status bar of the browser, and that the web address begins with https://. These are clear indications of a safe connection. If you are in doubt, check that the web page has a valid certificate by double-clicking on the padlock.
Another way to make sure you have established a safe connection to the company’s real website is to type the entity’s full web address directly in the browser; never access it through hyperlinks that might point to fraudulent websites that could enable data theft.
It is also advisable to check bank statements periodically to make sure that there haven’t been any irregular movements or transactions from your account. If you see any unaccountable operations in your statement, we recommend you contact the bank through which transactions were made, in order to get more detailed information about them.
Source: Panda Software.