So you are surfing about and get an email that says your bank account needs to be reviewed. You click on the link in the email to go to your bank and type in your login and password. No problem, right? WRONG. You may have opened yourself up to Spoofing.
Hackers, criminals, thieves can create fake websites that look like real company websites in order to steal your personal information. Be cautious of links sent to you in emails. ‘Phishing’ emails include links to these fake sites. The best way to know that you are going to the real website is to type the URL directly in your browser or use “favorites” to access the website. As a rule of thumb, when entering personal information on a site look at the website address to be sure it starts with “https”. For further security, click on the lock icon left of the HTTPS and look at the certificate and see if it is registered with your bank / financial institution / etc.
In Chrome you can do the following:
Click on the lock icon. Choose "Details". The detail pane will open up on the right. Click on "View Certificate" to confirm it is from the site in question.
So be careful.
- Do not click on links within an email unless you know they go to the website in question.
- If in doubt, just type the address in the browser or get it from your favorites.
- Still have doubts; check out the https certificate.