Spelt phishing, but pronounced as above, this despicable act is an effort to batter your bankroll or commandeer your cash. To put it simply, you can get emails from account administrators, which strongly urge you to update details attached to that account. The issue, though, is pretence of such mail.You may not even have such an account as referenced. It doesn’t come from account provider. It can use false S.S.L. references, to present an illusion of trust and security. It can prompt for immediate action on your part, alleging false log-in’s by persons unknown, and from countries unknown. If action is not taken, they can impress on you, that account will be suspended or closed. Indeed, anything likely to work can be fabricated, to get you to webpage suggested in link or hyperlink. Note word “suggested”. Likenesses to company logos are used to re-enforce “credibility”.
In fact, these phishing attempts actually look pretty good or realistic. So much so that any qualms of guilt or stupidity, experienced by a “conned party” are groundless.
Experience, specific education or forewarning, is all that prevents this type of charade from widening its base of “victims”.
The goal is to get you to type in your details, complete with credit card number and rest can be guessed. Some damage is also absorbed by organisation or company being misrepresented and they can do little about it but warn their customers what to watch out for, and issue security instructions. Indeed, it is from accounts at reputable companies that most passing trade learn correct or most secure procedures. It is therefore important to read any material that they offer.
Generally though, reputable companies with a mind to preserve their integrity will tell you to log-in at their main page and proceed from there. Not through a link specific to your account!
Hyperlinks can mask true domain that you’ll be brought to, with text linked to www.anydomaindotcom (example, only), a replica or fake page. Only going to secure pages where one believes that “https” will do it, will always help but wholly unreliable. The “s” is an indication of a secure page, but are you at right domain? Place your mouse over link and domain attached to such a link, should show itself. Viewing source code is another way but some knowledge of it is necessary.