Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.

We get a lot of requests from clients to review emails sent to them. They seem to know something is wrong but contact us to verify. This is time-consuming for the customer and for us. As a general rule here are some pointers so you can avoid being duped.

Any time you get an email that seems to be legitimate hover your mouse over the link that it wants you to click. Without clicking it look at the bottom right corner of your browser screen. You will often see an odd web address that it wants to link you to. Also, if something seems legitimate, don’t click the links in the email. Go directly to the account and log in the way you normally would. For example, if it is a GoDaddy email go to Godaddy.com directly. If it is your bank, go directly to your bank website. Never click the links or call the phone numbers contained in the email.

If there is a phone number to call and you want to check this simply go to https://www.whitepages.com/ and click the Phone tab. Put in the phone number and if it is not the company that contacted you don’t be surprised. Here is an example of a phone number found in an email that seemed to come from GoDaddy.com. https://www.whitepages.com/phone/1-866-938-1119 It is safe to click that link. It shows a Wellness Spa in South Carolina is the owner of the number, not GoDaddy. There is no way to know if that number is still in service but it shows it is not the person or company who the email claims to be.

It only takes a couple of minutes or less to figure it out. When in doubt contact the company directly but never through the link or number provided in the email.