Phishing is a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly. Phishing is the action of fraudsters sending an email to an individual, hoping to seek private information used for identity theft, by falsely asserting to be a reputable legal business. Phishing is performed through emails containing a Spoofed URL, which links them to a website.

How Scammers get your information

The scammer makes a Spoofed URL website that is similar to the website you are trying to visit, and when you are taken to the webpage, it will look nearly identical. Then, if you are shopping and enter your information to pay for the items, you inadvertently give the thief your credit card, pin, password and other identity information.

Examples of fake methods and web pages used in getting a computer user information

There are different methods used by these scammers, but I'd like to go over three in particular.

1. You might get an email informing you that your inbox/email space is almost full, and that you should upgrade it.



When you hover over the link, you will discover the actual link the scammers are redirecting you to. If you click the link it will redirect you to the scammer's web page, which will request your email username, password and other personal info.

2. You might get an email claiming to be from your bank requesting you should carry out an action.



If you hovered over the link in the email, you will see the actual scammer's website the link was meant to redirect you to.

Note: Before you click on any link in an email, make sure you check where the link is redirecting you to.

3. You might get a message on your social media account (instagram, facebook, twitter) requesting you should carry out an action.

Here are some tips to stay safe

1. Never submit your password, pin or any personal information on any page, even if the page looks like the original page. Ask yourself this question - Why will the owners of the website ask for your password, when the already have it when you registered on their website.

2. If you did not register on a website and you get an email asking you to update something or asking for any details, ignore it.
     
3. Look out for spelling mistakes within the websites URLs. If you are not sure of the address, search on google for the correct site address.

4. Verify the name of the site on a digital certification through the use of SSL/TLS. If you have any concern about the confidentiality of a web site leave the page immediately.

5. Make sure you are able to see the fully URL for any hyperlink, so that you can examine the address. Hover over the link it says you should click and see the main link where its actually directing you to.

Most times the scammers might make the link look like the original site's link by making the spellings similar. For example, the scammers might change the name of a website like accessbank.com to acccessbank.com. The fake website is spelt with three C's instead of two OR if the original site has an alphabet that occurs twice, the scammers can omit one.

In the case of social media accounts, if the main or official account/username has a small letter the scammers can create an account with identical name but will change small case to capital case or Vice-versa.  Before you take any action, verify the handle or source of the message. If you are not sure, you can contact the customer care of that company.