10.5. Protecting Yourself from Phishing Schemes

The term phishing has already appeared several times in this book. It describes a type of scam in which someone sends out bait — usually in the form of an email message — in an attempt to lure unsuspecting people to a phony website, where they're asked to type a password or other private information. The fake website may look just like a real one to which they're accustomed (a bank website or PayPal, for example), and the message may warn of dire consequences if the person doesn't confirm or verify his or her account details or do something of that sort. If you go along with the request and type your personal information, the phisher then uses it to log in to your account, pretending to be you — collecting private information, transferring money to themselves, or stealing your identity. Phishing is big business, and the people who perpetrate such scams have become increasingly clever and convincing. But you can protect yourself from phishing attempts with a combination of good sense and the right software.

The best way to avoid phishing attempts is to never click links in email messages from unknown sources — and to be skeptical even about known sources (such as your bank) because From addresses can be forged. If you have any doubt at all about a message, the safest thing to do is to manually type the URL of the site in question into your browser, log in the usual way, and check your account status to see if there are any problems ...
