How To Avoid Phishing Scams
A few years ago, we posted a Phishing Scam Protection blog post. While those tips are still valid today, phishing scams have only become more sophisticated and more prevalent over the years. It was about time that we posted some fresh tips to help you determine whether an email is legitimate, or not, and how to avoid these scams. These tips can be used to keep your A2 Hosting account secure as well as keep just about any other online account or service you use safe.
What Is Phishing?
Phishing emails are sent from criminals in an attempt to fool you by making them appear to be from a trusted source. In reality, they are not. These emails encourage you to take some sort of action like logging into an account to update your address or credit card number. The emails have links to pages that mimic official login pages, but instead will send your username and password information to the criminals when you submit your login information.
How Can I Keep My A2 Hosting Account Secure?
- Please note that A2 Hosting will never ask you to provide your password, credit card number or other personal information directly through email.
- If we ever do request information or action from you, we will do so within our support ticket system. The most secure way to reply to us is to go to my.a2hosting.com, log in and submit your reply to us directly through our website.
- Setup two-factor authentication to help prevent hackers who have compromised sign in credentials from ever gaining access to the account. With two-factor, not only would the attacker need to know your username and password, they would also need your mobile device to access your account.
How To Detect A Phishing Attack?
- MOST IMPORTANT TIP – Never click on a link in an email to log into an account. Instead, type the address for the service into your web browser. Access your account by navigating through the site to the login page.
- Check to see if the email has a form within the body (embedded form) asking you to complete and submit confidential information. If it does, just say no!
- Hold your mouse cursor over the links in the email, but do not click it! You should see a preview of the link within your email client. Many times the actual link you will see by hovering over it will look phony and not match the one listed in the phishing email. In the example below, you can see the link in the lower left-hand corner of your email client.
- Click the reply button to the email to see what the “Reply To” email address is. Does the email address look fake? If so, it’s probably a scam. For example, if the Reply To email address from A2 Hosting isn’t something similar to ‘[email protected]’ or ‘[email protected]’, it’s likely a phishing email.
In the example below, you’ll notice below that both the From and Reply To emails are ‘[email protected]’. In this instance, that means this email is most likely legitimate.
How Can I Keep My Login Information Secure?
One of the easiest and most effective ways to ensure that you keep your login information secure is by viewing the SSL Certificate for a site before you log into it. The SSL information that is displayed will vary slightly based on the web browser you are using. Regardless, if you have visited a trustworthy site, the SSL information within your browser will tell you that it is a secure site and can be trusted.
Viewing SSL Certificate information is a bit different for each browser. Generally there will be a lock in the URL bar that you can click on to view additional details about the site. Below are examples of how to see SSL Certificate information for a number of the most popular web browsers.
Google Chrome SSL Check (Click the lock to the left of the URL):
Firefox SSL Check (Click the lock icon to the left of the URL):
Internet Explorer SSL Check (Click the lock icon to the right of the URL bar):
Browsers are configured to detect common SSL certificate issues and warn you when you try to visit an unsafe site. If you visit a fake or scam site, your web browser should display a security error, or won’t display the site at all. Trust your web browser, whether it is Chrome, Safari, Firefox or Internet explorer.
Phishing Scam Protection Conclusion
From browser information bars to virus protection software to firewalls, there are a ton of resources available to help protect you from phishing scams. The bottom line is if you’re not sure about the validity of an email, don’t click on any listed links. Instead, go to your browser, type in the URL for the website you want to visit and log into your account that way.