Ever had someone gain access to one of your online accounts? It can cause major problems and be a challenge to get cleaned up. While it could have been a password leak at a company you have an account with, there’s also a decent chance it’s a result of a phishing attack.

Let’s take a look at what a phishing attack is and how to avoid one.

What is a phishing attack?

Phishing is when an attacker disguises themselves as a trusted company or website. Usually that takes the shape of an email and a web page where you can log in.

For example, you might get an email that looks like it’s from Facebook with a link to reset your password. The email looks right. It has the Facebook logo, the right colors, and it may look identical to an email you’ve actually received from Facebook. So you click on the reset password link, and you end up on a site that looks exactly like the Facebook login page.

However, when you attempt to log in to reset your password, it doesn’t work. Instead of worrying about it then, you decide to try again later.

What just happened? Someone created an email and login screen that looked just like Facebook in order to steal your login information.

How do I avoid phishing attacks?

If you have email and any account anywhere, eventually you’ll receive a phishing attack email. Here are six ways you can avoid being tricked.

  1. Don’t trust the email address it comes from. That can actually be faked, so a facebook.com email address doesn’t mean it really came from Facebook.
  2. If there are any misspellings, be suspicious immediately. Companies make mistakes, but phishing attacks are much more likely to misspell something.
  3. Without clicking on them, hover over the links with your desktop or laptop computer. If they say they come from your bank but the link isn’t right, don’t trust it.
  4. Is it a site you really use and you’re worried it could be real? Just open your browser and type in the address for the site. If you don’t see a similar warning when you log in, it was most likely fake.
  5. Banks and other financial institutions will never ask for sensitive information via email. If you’re still worried, pick up the phone and call your bank to see if it’s legitimate.
  6. If you are at all suspicious, don’t open any attachments!

Remember, be careful what you click, whether it’s on social media, when browsing online, or in your email inbox. Hackers are waiting to take advantage of you!