If you ever get an email that appears to be from your bank or some other online service saying you need to click a link in the email to log in to your account and update your personal information, don’t do it.
These types of emails are almost always fakes. And even the rare few that are legitimate should never be trusted.
ALL such emails should be assumed to be malicious, regardless of how authentic-looking they are.
Of course there are indeed times when you’ll be asked to verify or update your information for a given account, but that request will almost always be made after you have logged into your account with your current username and password, not before.
Don’t be fooled by “official” looking emails and websites. Hackers and thieves are quite good at making their fake emails and websites look legit.
If you are ever tempted to click a link in an email and enter your username and password, DON’T DO IT!
The website on the other end of that link is most likely a fraudulent copy of the company’s real website.
After you enter your username and password on the fake login screen the bad guys will take the information you mistakenly gave them and log into your real account, pose as you and clean out or otherwise wreak havoc with your account!
I recommend that you follow these steps every time you receive one of these fake emails:
1 – Forward the email to the fraud division of your bank or online service. You’ll find the correct email address to use listed somewhere on their website.
2 – Delete the email without clicking any links contained within it.
A link might appear to be legit, but if you hover your mouse over it you’ll usually see that the URL of the page the link actually leads to a fraudulent copy of the real site.
3 – Manually type in the URL or use a bookmark that you already know to be legitimate for your bank or other service’s website and log in from there.
If anything truly needs to be updated you’ll be notified via a pop-up window or bolded message. If you have any questions at that point you can always call the customer service number listed on the real site’s contact page and ask the rep directly.
4 – If you happen to slip up and enter your login information on a fake login page, go to the real website or call customer service immediately and change your password.
Bonus tip: This post offers several tips for quickly recognizing a fraudulent email.