By utilizing email – and spoofed emails, hackers can send you a message; pretending to be your bank – asking you to login and verify some information about your account and will graciously provide you with a link to do so.

If you click the link you are directed to a page that may look and act like your bank, but as stated, in this blog, there will be no “https” in the URL bar. The hacker will have put a code in the page that, when you attempt to login will take your username and password and transmit it back to the hacker. While you are logging in, it may reflect that your username and password are incorrect, causing you to enter it again – thus confirming your username and password. Then you will be redirected to another page that may actually be your bank or even a page that tells you that you’ve been hacked.

The best way to avoid this is to contact your bank upon receipt of the original email and verify/confirm with them that they, indeed, sent the email – thus, avoiding any future complications.

If you get an email from a friend that you may or may not trust – that tells you to click on a link to another site – you may want to confirm that with them, as well. Especially, if it is someone you haven’t heard from in a while.