Q: I almost fell for a phishing scam from an email I received thinking it was legitimately from my bank. I want to warn others, so they don't fall for it. Does the BBB have any tips about staying safe online?
A: "Phishing" -- the act of targeting victims via email in the hopes of spreading viruses and gathering personal information -- can happen to anyone. Cybercriminals have become quite savvy in their attempts to lure people into clicking on links or opening phony email attachments. Online phishing attacks cannot only spread computer viruses, but they can pose a significant risk for identity theft.
October happens to be Cyber Security Awareness month, and Better Business Bureau has joined with the National Cyber Security Alliance's STOP. THINK. CONNECT. campaign to recommend the following tips to avoid falling for an email phishing scam:
1) Be on your toes. Only open emails, attachments and links from people you know. Use anti-virus software regularly and enhance email filters to block threats. Watch out for unsolicited emails that contain misspellings or grammatical errors.
2) Don't believe what you see. It's easy to steal the colors, logos and header of an established organization. Scammers can also make links look like they lead to legitimate websites, and make emails appear to come from a different sender.
3) Avoid sharing. Don't reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email. Be wary of any urgent instructions to take specified action such as "Click on the link or your account will be closed."
4) Pay attention to a website's URL. Hover over any links to see where they lead. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different -- but similar -- domain.
5) If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Information about known phishing attacks is available online from groups such as the Anti-Phishing Working Group. Report phishing to APWG at www.antiphishing.org.
6) Keep a clean machine. Having the latest operating system, software, web browsers, anti-virus protection and apps are the best defenses against viruses, malware and other online threats.
7) Don't give fraudsters fuel. Many times fraudsters do extensive homework on you to make their story sound the most plausible. They can do that by reading your social network posts, or even by digging through your garbage to find sensitive information like credit card and bank statements. You can prevent fraudsters from getting your information by shredding your mail before throwing it away.
Also remember that the BBB "Protect Your Identity" shred event is this weekend. BBB has even teamed up with Cintas Document Management and DuPont Community Credit Union to offer two Secure Your ID Days this fall. Today, Oct. 18th, we will be located at the DuPont Community Credit Union-Ooltewah Branch (9227 Lee Highway) from 9 a.m. to noon, and tomorrow, Saturday, Oct. 19th, we will be at the corner intersection of Highway 153 and Lee Highway from 9 a.m. to noon. This is a free event for the community, so invite friends and family. And remember to please limit your paperwork to up to three boxes or bags.
For more information you can trust, visit bbb.org. For more tips from the STOP. THINK. CONNECT. campaign, visit Stay Safe Online.
Jim Winsett is president of the Better Business Bureau of Chattanooga.