Protecting Against Phishing
In a phishing scam the scammer will utilize a cleverly disguised communication to get your account credentials or personal information. These communications are typically email messages claiming to be from your bank or credit card company saying your you need to update your account information.
The scammers will usually forge the From email address and use logos and graphics associated with legitimate companies to make you believe the communications are from legitimate companies. The scammers may also setup forged websites using the same logos and similar URLs to make you believe you are using a legitimate site. These fake sites will appear identical or very similar to the site to which the recipient thinks they are visiting. Once the recipient has "logged in," however, the scammer has and can use the recipient's login information. Sometimes these sites will contain additional fields to be completed and often request that the victim update their banking, payment, or other sensitive information.
The messages the scammers will use are written to make the recipient believe there is an urgent requirement to take action. Almost all of these messages indicate to the recipient that his or her account will be shut off if he or she does not comply with the requested action in the message. Most companies will not contact you through email, instant message, or text message for urgent account updates. Haphire will not send you an email requiring any updates to your account or threatening to close the account if you don’t take a particular action.
If you receive an email that you suspect might be a phishing attempt, DO NOT click on the URL within the message! Please be sure to check the destination URL on the link contained within BEFORE attempting to login or submit any information. By simply hovering your mouse pointer over the URL, many email applications will display information on where the URL actually takes you.
If you have any concern contact the company directly by calling their Customer Service department, to verify if the communications have come from them. It is also recommended to hand type the known URL of the company into the web browser before logging in instead of clicking on any links sent to you within messages purporting to be from the company.
Identifying a Phishing Scam
- The message does not address you by your actual name, but instead addresses you as: "User," "Customer," "Client," "Member," etc.
- The message contains spelling errors, grammatical errors, awkward wording or phrases, or a combination of all of these.
- The message uses threatening, urgent or alarming language in regards to your account access; e.g. "Your account has been suspended," "Security Update Required," "New software download required for continued access," etc.
- Hovering your mouse pointer over the link, or viewing the source message, reveals a URL that does not appear related to the company supposedly sending you the message.
- The link within the message is a truncated (shortened or tiny size) URL which then redirects you to the actual web site.
- The message includes attachments that you are asked to download or open.
- You are being asked to provide information that the company should already have or should not need to know such as: user name and password, payment information, banking information, credit card numbers with security code, Date of Birth, Driver's License number, or even Social Security Number.
Protecting Yourself From Phishing Scams
- Do not click on links within email, instead type the company's URL into the browser yourself.
- Do not provide any personal or private information via email or through links sent to you in email.
- Keep your computer's Operating System regularly patched and updated.
- Keep your ant-virus software consistently up-to-date and perform regular system scans.
Still not sure? Contact our support team at email@example.com with any of your questions or concerns.