Home page
Articles for Windows, Linux, OS X
Mac tips and articles
Mac tips
Windows 8 tips and articles
Windows 7 tips and articles
Vista Tips
XP Tips
Linux tips and articles
Read the blog
Online store
Windows, Linux, OS X programs

Mac hints and tips

Tips index

Don't get caught by phishing

Although the Apple Mac is inheritantly and a much more secure system than Windows PCs, it is not completely immune to security threats and one area where it is actually no better than Windows is in preventing phishing attacks. Anyone can be caught out by phishing and you need to be on your guard because it can sometimes be difficult to spot.

Phishing is the term given to an attempt to trick you into revealing information about yourself or your online activities. The most common form of phishinhg is an email that looks like it is from your bank, PayPal or eBay. The message nearly always describes some kind of problem and it asks you to click a link in the message to log in to your account and rectify the problem. The message hasn't really come from your bank, PayPal or eBay and the link doesn't really take you to your the bank/PayPal/eBay website. it takes you to a fake website that the perpetrator of the scam has set up. When you enter your username and password into this website look-alike the scammer then has your details and can log on to your real account and spend all your money!

The best advice is to never click links in emails. If you want to go to your bank/PayPal/eBay website then start Safari and type in the address. Even if you do this, a typing slip could take you to a scammer's website that has been set up to look like the real thing. So how can you tell if you are at the real website and not some fake that looks similar?

Mac OS X screen grabThe first thing you should do is to look in the top right corner of the web browser. Websites like banks, PayPal, eBay and others use security certificates that the web browser reads and checks.

Go to the PayPal website in Safari and look in the top right corner. You will see PayPal highlighted in green and a padlock. A phisher's website won't have a valid security certificate and Safari won't show this.

The green text is actually a clickable link. Go ahead and click it, you'll see a window displayed that shows details of the security certificate that has been issued to PayPal. Click the Details link at the bottom and you'll see even more information about PayPal, the security certificate, and the company that issued it. A scammer won't have one of these on his website so if it's not there, it's a fake website, so leave immediately.

Another thing you should look for is a padlock in the top right corner of the web browser window. This indicates that the communications between your computer and the website are encrypted and no-one else can eavesdrop and see what information is being exchanged. The URL in the address box always starts with https:// when secure communications are employed. It wouldn't be impossible for a scammer to set up an https:// site, but it's another thing to look for because you'll find that they always use http:// connections and these don't display the locked padlock in the top right corner of the web browser.

Remember, don't click links in emails, look for the padlock, look for the security certificate. Then you won't get caught out by phishing.

Tips index