How to Identify a Phishing Attack
A phishing attack is an attempt to lure you to a web site (or telephone number) where your personal information can be obtained or your computer can be invaded. "Phishing" refers to the sender's fishing expedition for information. The message often appears to come from a legitimate source because the sender uses the logo and message format of the organization they claim to represent. However, closer examination reveals that the message is a fake.
- The phishing message often states that there is a problem with your account that can only be remedied by visiting a secure web site. Or it may make an offer that seems too good to be true. In all cases it tries to lead you to a web site where information can be collected or spyware can be inserted on your PC.
Some examples of phishing messages from my Spam mailbox:
- Google the site to obtain its true URL. If URLs in the email do not match the real site, it is definitely a phishing message. Even if the URLs match, the message may still not be legitimate. Check the real web site for information on false messages. Phishers have been using the appearance of well-known web sites for several years. Most sites have a link to report suspicious emails.
- Display the message as plain text rather than in web format. A legitimate message will show you its contents. If it can't be displayed it has something to hide:

- Cautiously examine the full header of the email message. This will show where the message really came from. In the example below the From and Reply-To fields appear to come from the LaSalle Bank, but the message was actually received from a computer in France.
Note that LaSalle Bank's real web address is 155.181.136.21 or www.lasallebank.com.
- A look at the actual message, as opposed to the web format it presents, reveals that the link listed is not at LaSalle Bank, but rather somewhere in France:
Do not under any circumstances open a file attached to one of these messages. It's probably a virus.