Phishing: what you need to know right now.

by , under Geek, The Wired Mom

Phishing is a very specific sort of spam that doesn’t try to scam you by promising you money from Nigerian royalty, or discount prescriiption drugs (typo intentional). It tries to look like an official email from a trusted site, and tries to get you to click through to their site and fill in the login information they need to access your accounts.

The reason I’m mentioning this now is that e-mail marketing company Epsilon was hacked, exposing the mailing lists they handle for many major companies, including banks and credit card companies. Security Week has an up-to-date list right here. Thankfully, all that was exposed were customer names and email addresses, so they won’t be able to get access to your accounts with those companies. But it does mean that whoever hacked Epsilon has everything they need to make sophisticated phishing attempts, since most company emails include your name to let you know that it’s indeed them sending the email.

So what can you do? If you ever get an email saying that your account with a company has been compromised, take a look at the email. Does it look like other emails you’ve gotten in the past from that company? Take a look at the email address that it was sent from, and if you can, compare it to an email that you know was legitimate. Are they the same email address? If you see any typos in the screen name… do not click on any links in the email. If you’re concerned that your account with a company was compromised, go to the website directly and log in.
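The sender comparison described above can also be done mechanically. The following Python sketch is an added example, not part of the original post; the function name `check_sender`, the 0.8 similarity threshold and the sample addresses (on reserved `.example`, `.invalid` and `.test` domains) are assumptions made for illustration.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr


def check_sender(from_header: str, known_good: str) -> str:
    """Compare a From header with an address from an email known to be legitimate."""
    _, addr = parseaddr(from_header)   # drops the display name ("screen name")
    _, good = parseaddr(known_good)
    addr, good = addr.lower(), good.lower()
    if "@" not in addr or "@" not in good:
        return "unparseable"
    if addr == good:
        return "match"
    domain = addr.rsplit("@", 1)[1]
    good_domain = good.rsplit("@", 1)[1]
    # Another mailbox at the same domain, or at one of its subdomains.
    if domain == good_domain or domain.endswith("." + good_domain):
        return "same-domain"
    # The trusted domain used as a prefix or label of an unrelated domain.
    if good_domain in domain:
        return "embeds-trusted-domain"
    # One or two characters swapped, added or dropped: the "typo" case.
    if SequenceMatcher(None, domain, good_domain).ratio() >= 0.8:
        return "lookalike"
    return "different"


if __name__ == "__main__":
    KNOWN_GOOD = "alerts@bank.example"   # constructed sample
    samples = [                          # constructed samples
        '"Example Bank" <alerts@bank.example>',
        '"Example Bank" <alerts@bannk.example>',
        '"Example Bank" <alerts@bank.example.account-verify.invalid>',
        '"Example Bank" <news@unrelated-shop.test>',
    ]
    for header in samples:
        print(f"{check_sender(header, KNOWN_GOOD):22} {header}")
```

A `match` result is not proof that the message is genuine, because the From header can be forged; going to the website directly remains the safe way to check an account.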

If you do get a phishing email, don’t delete it right away. Go to the appropriate company’s website and search the site. Usually there’s an email address where you can report phishing attempts, since the companies are just as concerned as you about keeping your information secure. Forward the email to that address, and then delete it.

Just remember, if there is anything off about an email (the colors look a little different, or there are typos), be careful. All it takes is a little sleuthing and a little common sense, and you can keep the rest of your personal information safe and secure.

And remember, you should probably change your passwords at least once every 3 months, and make sure that they’re a mix of letters and numbers so that they’re harder to guess.