When it comes to Phishing Emails – You’re the Fish!
It’s always Phishing Season for Fraudsters. Phishing attacks use emails and sometimes text messages or malicious websites to get information from their victims. The ruse is an attempt to lure you, under the pretense of a problem or an emergency, to click on a link or open an attachment. There is usually a circumstance that is presented to you that requires your attention and your follow-thru, in order to resolve an immediate problem or issue. The emails claim that there will be dire consequences if you ignore the message.
Phishing emails often have the look and feel of authentic communications. Company logos are easily cloned and used in fake phishing emails. Inconsistent or incorrect spelling and grammar are also a tell-tale sign of phishing emails.
Most legitimate emails from businesses would include your name and/or the last few digits of your account number. An email from a friend or family member should be personal in nature. These targeted messages can trick even the most cautious person into doing something that may compromise them. Even if the email is from a known source, people should use caution, because Cybercriminals are very good at mimicking trusted businesses, or even friends and family.
Phishing Emails are Designed to Infect a Victim’s Computer with Malware.
You want to avoid getting Malware installed on your computer. Infections can result in your downloading keystroke-logging software that enables a scammer to steal information from you as you type passwords or account numbers on a website.
Malware also gives the cybercriminal the ability to use the email addresses of everyone in your email program to spread SPAM to all of them. Your friends and family may be fooled into believing the SPAM email is safe (because it’s from you); and will therefore click on a tainted link or infected attachment in the email.
TIPS and ADVICE
- Never click on links or open/download attachments – unless you are 110% sure AND have confirmed that they are legitimate.
- If you receive what appears to be a phishing email or text, always go directly to the source (not the info in an email) to confirm that this is not a scam.
- Hover you mouse over the sender’s address. You may see that the email address is not consistent with the name of the company or it may be a long string of numbers and symbols that don’t make sense.
- If calling a business to confirm the email’s legitimacy, be sure to call the correct phone number. In some instances, fraudsters will purchase phone numbers that are only one digit off from those of a legitimate company. These fake (usually toll-free numbers) are an effort to trap people who may mistakenly dial an incorrect number or area code of a bank, credit card issuer, or other legitimate organization.
- Suspicious emails should be reported to the Federal Trade Commission (FTC) by forwarding the email to email@example.com. Be sure to report it to the legitimate organization that the email pretends to originate from. You can also report it to your email provider. Once you’ve done that, you should always delete the tainted email from your computer.