This is a
legacy page.
legacy page.
Avoiding Phishing Scams
The term "phishing" refers to a type of scam where someone sets up a page that masquerades as a site you are familiar with, in order to trick you into entering your login information.
Suppose your bank's web site is example.com, and you get an e-mail from them that links to a page on their site, prompting you to log in. The page looks legitimate. But before you enter any information, check the location bar in your browser (the place where you would type in an address).
Here is a checklist for verifying that you're really looking at a page on example.com
- After the
http://orhttps://in the address, find the first slash. - If there is no slash, it's a scam.
- If there is a slash, make sure it's a forward slash (
/) and not a backslash (\). - If what stands immediately before that slash is anything other than
example.comit's a scam. - If it does say
example.com, make sure that the next thing before that is either:- a period (dot) or
- the two slashes that follow
http.
Examples
http://www.example.com- BAD - This address has no trailing slash and takes advantage of a bug in Internet Explorer.
http://www.example.com.index.html.example.org/?trick=sneaky- BAD - This is a page on
example.org, not onexample.com. http://www.example.com:index.cfm@example.net/something=phishy- BAD - This is a page on
example.net, not onexample.com. http://www.example.com\index.cfm:do@example.net/what=this- BAD - Notice that the first slash is actually a backslash.
http://www-example.com/do=something&very=secure- BAD - A a dot is a domain separator, but a hyphen is not, so
www.example.comandwww-example.comare two entirely unrelated domains. http://www.example.com/index.php?do=something&when=now- GOOD - This is a page on
example.com http://example.com/index.php?do=something&when=later- GOOD - This is a page on
example.com