What is Data Entry Phishing?

These days, there are a plethora of dangers you have to watch out for when using the internet. With the growth of the World Wide Web, hackers and scammers are taking advantage of millions of unsuspecting individuals across the globe every day. They are becoming more and more sophisticated and increasingly dangerous. As they become more intelligent, you must become more well informed to protect yourself and your personal information while using the web.

One sophisticated form of hacking is data entry phishing. This practice involves phishing for sensitive information of unsuspecting individuals through fake forms on phishing websites. Such information can include personal identification information (i.e. birth year, social security number, passport number, drivers license number), account login information, and bank account information.

The most common method that hackers use for data phishing is through sending scam emails with fake links to websites that you would normally trust. These links will lead to false websites that are used to collect and exploit personal information, often impersonating popular websites from credible organizations. Forms on these websites may include subscribing to a newsletter or buying a subscription. Filling out a form with personal information will result in the data you provide being sent right to the scammer. Once you complete a form, the scammer may even redirect you to the real website, making you even less likely to suspect something is awry.

If you find yourself filling out a form on a website, ask yourself these questions:

  1. Did an email direct me to this website? If so, log onto the website from your browser instead.
  2. Does the website feature blurry or pixelated images? If so, it is likely that this is a fake website.
  3. Does the URL start with https://? Actual businesses use encryption to protect sensitive information, which is indicated by the https://. However, this is not the only thing you should look for.
  4. Is the personal information you are entering necessary for the action you are trying to take? For example, a website does not need your credit card information to sign you up for a mailing list.
  5. Are there numbers in the URL? Is the URL shortened? Is there any text before the http://? If you answered yes to any of these questions, the website is likely a scam.
  6. Are you already logged onto the website? If so, it would not make you log in again, and is likely not the website you think it is.
  7. Is the site requesting information that it has never requested before? This is a large red flag!

If you have become the unfortunate victim of data entry phishing, fear not. Change any passwords you may have revealed, contact your financial institution if you feel as though your banking information is compromised and monitor the affected account or accounts for signs of identity theft. If you need help, contact Investigation Hotline to speak to a private investigator who is well versed in these scams. You don’t have to do it alone. Call us today.