You’re sitting on your front porch. You see a stranger walking towards your property. You have no idea whom he is. But he’s nicely dressed. He asks to come inside your house and look through your bank account records, view your checkbook routing number and account number, and jot down the 16-digit numbers of your credit cards. Hey, he also wants to write down all your passwords.
Is this something you’d be crazy enough to do? Of course not!
But it’s possible that you’ve already done it! That’s right: You’ve freely given out usernames, passwords and other information in response to an e-mail asking for this information.
A common scam is for a crook to send out thousands of “phishing” e-mails. These are designed to look like the sender is your bank, UPS, Microsoft, PayPal, Facebook, etc.
The message lures the recipient into clicking a link that either leads to a page where they then are tricked into entering sensitive information or that link is infected and downloads malware to the users’ device.
The cybercriminal then has enough of your information to raid your PayPal or bank account and open up a new line of credit—in your name.
The message typically says that the account holder’s account is about to be suspended or deactivated due to (fill in the blank; crooks name a variety of reasons), and that to avoid this, the account holder must immediately re-enter login information or something like that.
Sometimes a phishing e-mail is an announcement that the recipient has won a big prize and must fill out a form to collect it. Look for emails from FedEx or UPS requiring you to click a link. This link may be infected.
Aside from the ridiculousness of some subject lines (e.g., “You’ve Won!” or “Urgent: Your Account Is in Danger of Being Deactivated”), many phishing e-mails look legitimate.
If you receive an e-mail from a company that services you in any way, simply phone them before you click on any link. If you click any of the links you could end up with malware.
Watch this video to learn about how to avoid phishing:
Save yourself the time and just call the company. But you don’t even have to do that. Just ignore these e-mails; delete them. Nobody ever got in trouble for doing this. If a legitimate company wants your attention, you’ll most likely receive the message via snail mail, though they may also call.
Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- How to Recognize a Phishing Scam
So someone comes up to you in a restaurant—a complete stranger—and asks to look at your driver’s license. What do you do? Show it to that person? You’d have to be one loony tune to do that. However, this same blindness to security occurs all the time when a person is tricked by a “phishing” e-mail
- How to win the War on Phishing
A phishing attack is a trick e-mail sent randomly to perhaps a million recipients, and the thief counts on the numbers game aspect: Out of any given huge number of people, a significant percentage will fall for the trick. The trick is that the e-mail contains certain information or is worded in such a way as
- Phishing 101: How Not to Get Hooked
You’d think that it would be as easy as pie to avoid getting reeled in by a phishing scam. After all, all you need to do is avoid clicking on a link inside an email or text message. How easy is that? A phishing scam is a message sent by a cybercriminal to get you to click on a
- Fake Funeral & E-mail Scams: Recognize & Avoid
How does a funeral scam work in the first place? This is something that I, as a security analyst, teach to the consumer public. First of all, the fake funeral scam starts off with an e-mail. The fraudulent e-mails come disguised as a notification for a funeral. The Better Business Bureau describes how the funeral scam
- Look out for Shipping E-mail Phishing Scams
Stop clicking on e-mails about your package delivery! Scam, scam, scam! Look, it’s simple: Scammers are also pretending to be from the DHL and FedEx shipping companies, not just UPS. Crooks know that at any given time, thousands and thousands of U.S. people are waiting for a package delivery. So these cyber thieves send out mass e-mails by