Phishing scams are a very popular and common method of fraudulently obtaining information online. While some electronic fraudsters will use tools such as spyware or viruses to retrieve information, phishing relies on a much simpler method: they convince you to give them your information yourself. Often through email or other electronic communication, phishers will pose as reputable entities, and request that you give them information.
When posing as a real company, they might steal elements to make their website or email seem official. For example, they might use the company logo, copy the website design, or use real names of employees to make themselves seem legit. Then, they will make up a reason they think you will find plausible for why they need your information. They might tell you that they need it to update your account, or to verify account ownership. Whatever the excuse, never respond to an email like this. If you need to verify whether or not you are talking with the real institution, look up their actual number (from a different source, don’t trust any numbers in the email. Then, you can inquire about the communication and find out if it is genuine. The same rule holds true for phone calls, never trust that anyone calling you is who they say they are, hang up, look up the number for the institution, and call them yourself. Never give out information on a call not initiated by you.
If you have given out your information, clicked a sketchy link, or otherwise done something that may have compromised your security, don’t wait to take steps to fix it. If you feel you may have exposed your bank information for example, call your bank immediately and begin the process of re-securing your account. Monitor your accounts closely as well, often if you catch a change quickly enough it can be reversed without any lasting damage. Also, if you followed any links or went to any websites that they sent you to, it is very possible that your computer is now infected. Stop using your computer for anything important, and take it in to a computer expert. Virus removal can be difficult, and experts will be needed to make sure that your machine will not be giving out your information in the future. You wouldn’t want to re-secure your accounts only to find that your new information has been compromised as well.