The typical phishing scam involves an email that looks like it was sent by a legitimate organization such as a bank, credit card company, or online store such as eBay or Paypal. The email usually claims your account has expired or needs to be updated, or it will be suspended or closed. The email invites you to visit a website by clicking on a link at the bottom of the email. The idea is that you need to log into this website to change your account information, but in reality, the website is a front end for an application that collects this information and sends it to the phishing scam’s originator, who can then use it for identity theft.
Phishing emails may use the logos and other branding of the legitimate organization they claim to come from, but many times careful observation will catch errors that will reveal the email to be a phishing scam. Many times, these emails will be full of spelling and grammar mistakes that can help you spot them as fakes.
The best way to protect yourself against phishing scams is by never clicking on a link that asks you to visit a site to update important private information. If you are really worried that your account may be in jeopardy, use your web browser to access the website, not the link in an email. You can find the legitimate URL for the financial institution or online store by running a quick search in a search engine, or better yet, by getting it from an official statement. That way you will know you are visiting the legitimate website, not falling for a trap. Once your private information has been obtained, it may take months to clear up any damage done.