Phishing is the act of some individual sending an email to a user in an attempt to scam the user to release personal information. Is it easy to determine if it’s a scam? Sometimes – but not always. I hope to give you enough examples and information to help you to safeguard yourself from these unsavory individuals.
In addition, sometimes the email is sent to malicious software so as to render your computer helpless. Thus, it is important that you do not click on the link they provide, because that is the trigger that will load the software to your system.
EXAMPLES OF PHISHING
You receive hundreds of emails in your mailbox, but one email catches your eye – it directs you to a website, requesting that you need to update your personal information. It requests such personal information as:
credit card numbers
social security number
bank account numbers
“It appears to be legitimate”, you say to yourself. And you also notice that the emails are from companies that you have been doing business with for a while. Warning: The website could be bogus.
Here are several examples of phishing in action.
1. E-mails stating they are from E-bay and they feel that your account may have been compromised and would like you to verify your information with they so conveniently supply. DO NOT click on it.
2. E-mails from Paypal or your bank asking that you verify your information because they feel that your account has been compromised, or heaven forbid, suspended. Same scenario, different company. DO NOT click on the link.
3. E-mail that states that an unauthorized transaction has occurred on your account. Please click the link below and confirm your identity. DO NOT.
4. Here’s a work at home scam – We have seen your resume on Monster and feel you would fit our position. If you are interested, please go to our website, look over the experience required and submit your resume if you have this background. Website is professional looking, offer looks good – but it could be a scam.
WHAT ARE THEY AFTER
In the above examples they are after information about you, be it passwords, credit cards, social security numbers, anything that can identify you – and that which they can use to profit from you.
The job email is used to verify that the email address is a true blue, active email address. What do they do with this info – they sell these accounts to spammers for good money. They need to verify your email address—because if the spammers come up empty – this person’s business is dead.
HOW TO VERIFY SAFELY
1. If they want you to verify your account, do not cut and paste, or use the link they provide in the email. Close your Internet session, open a new session and enter the site that you have on record to verify.
2. Emails requesting resumes – Verify their account before you send your resume. When verifying – these red flags should be considered:
1) If they are hesitant to provide a phone number – might be a scam. 2) If their business address is not verifiable –might be a scam. 3) If the website is new – might be a scam. 4) If they use a large company’s name—and that company never heard of them – might be a scam.
5) Again, verify this information before you send your resume.
WAYS TO PROTECT YOURSELF
Here are some quick tips to protect you and your computer system.
1. Use anti-virus software and a firewall – keep them up to date.
2. If you have a broadband connection make sure you have a firewall in place.
3. Don’t email personal or financial information.
4. Before providing personal information – search to see if the site is secure – look for a lock icon. However, remember not all phishers are stupid – in fact, they could be computer savvy enough to forge security icons. Thus, look for a site whose link looks like this: https://www.somename.com -- this shows that it is a secure site.
5. Coupons from respected companies – Verify that it is a true-blue coupon from the company – I had one coupon sent to my email address from what I thought was Staples. Verified it with Staples – not a coupon honored by Staples. When on the Internet – if it looks like a duck, quacks like a duck, it still may not be a duck!
6. When making transactions on the Internet – be it online banking, Paypal, Internet Gold, etc. – complete your transaction, log out of the website, and close out of your Internet Explorer—and then continue with a new session of Internet Explorer.
WHERE TO FORWARD SPAM THAT IS PHISHNG
If you encounter spam that is phishing, or are a victim of a phishing scam, you can forward the information to firstname.lastname@example.org and to the company, bank or organization that the email may have stated they are from. In many cases, the other organizations have information on their website where you can report the attempted scam.
In addition, if you have been scammed, and you wish to file a complaint – go to ftc.gov.
To conclude, no one is immune to spam or a scam. But try to be ever vigilant and do your due diligence with anything you do on the Internet. But being human is a scammer’s hope – they know that most will ignore the bait, but some will be tempted. So, if you so humanly slip, and succumb to a phishing scam, you can report them to ftc.gov.