There’s no question that phishing attempts are rampant on the Internet. Nowadays, every popular site that requires a username and password has a malevolent look-alike page that aims to steal login information from unwitting users. It’s no surprise, then, that Facebook, with over 750 million users, has its share of evil twin pages and email notifications. I myself have received a number of fake Facebook emails in my inbox, and I have to say, it’s getting more and more difficult to tell the real Facebook emails from the fake ones.
And Facebook itself isn’t helping either. As ZDNet pointed out, there are legit emails from Facebook that can be mistaken for fake ones because the social network’s email notifications come from “the facebookmail.com domain and include a suspicious-looking sender’s name” together with a long, complicated URL.
So how do you avoid falling into phishing traps? Well, with common sense and a healthy dose of online vigilance, avoiding phishing attempts should be easy enough. Below are four easy steps that you can take to make sure that your personal information remains out of the hands of hackers and identity thieves.
1. Be mindful of grammatical and spelling errors – People who call out spelling and grammatical errors aren’t always well received, but trust me, learning to spot these anomalies in “official” emails will come in handy when you’re trying to determine whether a message is legit or not. Official notifications are usually written by a professional, and reading your emails carefully (and more than once) before clicking on links could save you from privacy breaches. The misuse of “there,” “their,” and “they’re,” for instance, is an immediate red flag.
2. Mouse-over those links – Things aren’t always what they appear to be, and sometimes buttons, links, and even spelled-out URLs don’t actually send you to the right page. A good way to check whether the links in those Facebook emails are safe is to hover your cursor over them and see if they lead to a facebook.com domain.
3. Mark messages as spam – Did you spot a phishing email? Good. Now, instead of banishing the message to your trash bin, mark the email as “spam.” This not only helps prevent similar messages from showing up in your inbox again, it also does the rest of the online community a favor. A lot of email providers, including Gmail and Yahoo, are smart enough to learn from the collective actions of their users. If numerous people mark a certain message as spam, the system will prevent it from appearing in other users’ mailboxes, thus reducing the risks of privacy attacks.
4. Visit Facebook directly – The extra effort of typing Facebook.com into your browser, compared to clicking on a possibly malicious link, is a small price to pay for security, in my opinion. In fact, why not consider ditching those Facebook emails completely? If you’re already a regular on Facebook.com, then those bright red alerts at the top of your page should sufficiently notify you of any changes and updates to your network.
Image Credit: ZDNet.com