Cyber criminals always have their sights firmly set on using phishing and other scams to entice you to give up your personal information.
Phishing attempts often mimic communications from well-known companies associated with online shopping, shipping, or travel—such as PayPal, Amazon, and FedEx. Cyber criminals know that you are more likely to let your guard down if the fraudulent e-mails they send appear to come from a familiar name and one with which you may have done business at one time or another.
In a typical phishing attempt, you might be asked to click a link to access a postal receipt for a package that you supposedly mailed, when you are really downloading malware onto your computer. Or you may be encouraged to provide your credit card information for an Amazon purchase that you purportedly made online, when you're actually giving your card number to a thief.
One popular scam involves an e-mail that appears to come from ADP. The message says that the recipient's account will be debited and directs him or her to click a link to print a report that will display the transaction amount. There's a good chance that the recipient will have some connection with ADP and be enticed to click on the link.
How can you tell for sure?
You can often tell if an e-mail is legitimate simply by hovering your cursor over the link that you are being encouraged to click. (Be sure not to click on the link!) This will allow you to see the web address that it directs you to. In the example below, you can clearly see that hovering over the link reveals that the actual address is not an adp.com website. This is a clear indication that the e-mail is not legitimate and should be deleted.
Protecting yourself from these scams
You can reduce the risk that your personal information will fall into the wrong hands. Take note of the following tips that can help protect you from phishing and other scams:
Always remain alert when you receive an unsolicited e-mail from the types of companies mentioned here. A little caution can go a long way toward keeping your computer and your personal information safe from cyber criminals.
- If it seems “phishy,” it probably is. If you receive an e-mail that appears unprofessional—it contains misspellings, spacing errors, or bad grammar—it is most likely fraudulent. Typically, legitimate companies and organizations take more care in constructing the communications that they send to their customers.
- Do a quick Google search on the subject name or basic details of any unsolicited e-mail. Fraudulent e-mails sent in bulk to numerous recipients are often reported to the FBI, the Federal Trade Commission, or the Internet Crime Complaint Center. If you can't find information this way, contact the company directly through its website by typing in the URL yourself—do not click on any links provided. The real company will be able to tell you whether or not the e-mail is legitimate.
- E-mails related to shipments or packages, payment institutions, or airlines should raise a red flag immediately. If you receive an e-mail asking you about payment information for an online purchase you didn't make or for a shipment or package that you weren't expecting, delete the e-mail immediately. If, however, you have purchased something from the company or are expecting a package, proceed with caution. Review the e-mail for errors, check the sender e-mail address to confirm that it's coming from the company itself, and hover over—but do not click on—any links provided in the e-mail to ensure that they appear to go to the company's website. When in doubt, call the company directly.