Criminals who “phish” use different strategies to obtain your sensitive information. Many times phishing is associated with email but it is any strategy used where the goal is to “phish” sensitive information from you.You may not realize it, but you are a phishing target at school, at work, and at home. Ultimately, you are the most effective way to detect and stop phishing scams. When viewing email messages, texts, or social media posts, look for the following indicators to prevent stolen passwords, personal data, or private information.
- Keep your Browser Updated. Phishers are exploiting a flaw in the web browsers “punycode.” “Punycode” is in charge of translating foreign domain names into English. This means criminals can register a domain name that, even after close visual inspection, appears normal.
- Misspelling web addresses. Phishers can use a look-alike domain name such as “Goggle.com” hoping that you misspelled “Google.com.” Use bookmarks for trusted websites to avoid manually typing web addresses.
- Be suspicious of websites not using a certificate. A website using a digital certificate indicates that they are the rightful owner of the website. Certified websites will have an image of a lock and in Chrome the word Secure in green letters directly on the address bar. However, just because a website has a digital certificate doesn't necessarily mean that it is safe but it is a good indicator.
ex. Safari Digital Certificate
ex. Chrome Digital Certificate