Don’t click on the link. Just don’t

When an email arrives bearing news of an amazing deal, ask a few questions.

Have you ever done business with this company before? Have you ever visited its website? Do you have a credit card issued by it? Have you signed up for its email list?

If the answer to each of the preceding questions is “no,” then Ghosh has some simple advice.

“Delete the email and don’t look back,” he said.

It could be part of a phishing scam.

If the offer seems legitimate, don’t click on the link within the email. Instead, go directly to the retailer’s website and look around for the details.

Check and verify the Web address or URL

1024px-Shopping_for_jewlryWhen it’s checkout time on a retail website, take a step back before you type in any credit-card numbers. Check the Web address, or uniform resource locator (URL), of the payment page and make sure it’s using a secure connection.

You should be seeing either the character string “https://” before the website URL, or a small icon of a green padlock, said Catalin Cosoi, chief security strategist of Bucharest, Romania anti-virus firm Bitdefender.

Check the URL to make sure the address is correct, and not a slight misspelling of the real address or a random URL.

Cosoi said he also checks to see whether the site has a certificate of authority, which establishes a website’s identity, from a trusted source such as VeriSign.

For unfamiliar sites, Cosoi checks the publicly available WHOIS information databases, such as http://whois.domaintools.com/, to find details about registration, hosting and online activity.

“If the bank or shop website is registered to a private, or Yahoo/Hotmail/Gmail, address, it’s likely to be fake,” Cosoi said.

–  Source Tom’s Guide Staff, Fahmida Y. Rashid

ReadMore