If you are a user that has been around for a while, there is a pretty good chance you’ve been targeted with a phishing scam. You may have a long lost relative in another country who left you millions – and all the executor of the estate needs is your banking information to send you your inheritance! Or a prince of a small country is trying to move some of his fortune and escape to America – and if you can help, you will be rewarded!
These are some oldies-but-goodies, however phishing scams have and will continue to get better and smarter.
There was a time when phishing scams almost always came filled with poor grammar, spelling errors, and writing that just seemed a little off. While these still exist, things have become harder to detect.
These scammers are always looking for your personal information. There are a few ways they can do this, but most of them begin with email spoofing, where a sender will mask their actual email address with a familiar one.
If it isn’t a spoofed email, it may come from an address that is very close to that of a known and trusted sender. This could have an extra letter or even just a period to try to trick you into completing whatever task they are using in an attempt to get your information. This could be something as simple as a link to “family photo” or video and it could very well open your system to different vulnerabilities.
Something like a keylogger, a program that tracks your keystrokes, can be almost undetected while also gathering your online banking or credit card information.
Lately, phishers and scammers have pulled out all the stops. There have been cases where phishers will not only spoof an email, but also documents. These can look pretty real, so take a close look.
A new long-shot, big-payoff scam is to spoof an email address of a financial institution to try to intercept money from home purchases. This is done with forged documents and a fake email. While it’s a long shot for something that big to happen, do big business in-person or through trusted secure communications.
What to watch for:
When you have email communication from a known sender that doesn’t quite add up (or doesn’t sound like them), don’t assume they’re just having an off day. One example: if you know your family member shares all of their photos on Facebook, would they really email you a link with little to no writing in the email?
Any “company” asking for any personal information or passwords through email should also raise red flags. While this might seem obvious if the email address doesn’t match, a spoofed email address can make this trick easier to fall victim to.
Also, be wary of anyone asking for your bank account number via email. Even if it is legitimate, there are other ways to send this information. Protect yourself by choosing a more secure method of communication.
What to do:
If something seems off, research it. If you get a weird email requesting something or asking you to click on a link, don’t assume it’s safe. If it’s from someone you know, ask them if they did send it.
If you are the one “sending,” check your Outbox or Sent folder. This is a good indication if the email came from you or someone you know.