Phishing-type e-mails are designed to trick the recipient into either downloading a virus (which then gives the hacker remote control of the computer) or revealing enough information for the thief to open credit cards in the victim’s name, get into their bank account, etc.
There are many ways the crook can trick the victim. Here are telltale signs:
- The message wants you to “verify” or “confirm” your password, username or other sensitive information.
- And why must you do this? Because “suspicious activity” has been detected on your account, or, your account “is at risk for being compromised.”
- Your name may or may not be in the message. Always be suspect.
- Financial institutions will never ask you to enter your login information in an email and be suspect on a website.
- Another ploy is the subject line: There’s a sense of urgency, such as, “Your account is about to be suspended.” A business will contact you by phone or snail mail if there’s a problem.
- Even if the e-mail seems to have come from your boss at work and addresses you by name, and includes a link…realize that a hacker is capable of learning enough about someone from their LinkedIn page and Facebook to then convincingly impersonate someone they know.
Links in E-mails
- Typically there’s a link (when there’s not, there’s a malicious attachment).
- Never click links inside e-mails even if the sender seems to be your employer, health plan carrier or other enterprise you’ve done business with.
- Hover the mouse over the link. If the URL is different than what’s there, assume it’s a scam.
- Generally, only click links in emails when you have to actually click the link to verify an email address once you have just signed up for a new website.
Additional Telltale Signs
- Just weird stuff. For example, a person who edits for a living receives an unexpected e-mail explaining there’s an attachment that needs to be proofread; wow, a paying gig!
- Not so fast. The accompanying letter is very poorly constructed, including misspellings of common words, and includes very irrelevant information, such as “I’m a single mom with three wonderful kids.” Why would THIS be included in a legitimate proofreading job?
- Yet how did the scammer know you’re an editor? Because the crook’s software somehow found your e-mail on the editing gig site you registered with two years ago.
- The subject line says you’ve won something, or you’ll lose something.
- If you go to a website and don’t see your site key (if you registered with one), leave. But you shouldn’t have gone to the website in the first place!
- Always beware of emails purportedly from FedEx, UPS, Amazon, Ebay or anything in your spam folder.
Embrace the idea of deleting reams of UNREAD e-mails without having opened them. If a subject line has you worried, such as “You owe back taxes” or “Your shipment was lost,” then phone the appropriate personnel to see if this is true.
If you suspect you’ve been scammed:
- Log into whatever account might be compromised and check messages, contact customer service.
- Place a fraud alert on your credit if your SSN was exposed.
- Update your security software; run a full system scan.
- If you revealed any login information, change that account’s login data.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- How to Recognize a Phishing Scam
So someone comes up to you in a restaurant—a complete stranger—and asks to look at your driver’s license. What do you do? Show it to that person? You’d have to be one loony tune to do that. However, this same blindness to security occurs all the time when a person is tricked by a “phishing” e-mail
- Phishing Scams: Don’t Click that Link!
You’re sitting on your front porch. You see a stranger walking towards your property. You have no idea whom he is. But he’s nicely dressed. He asks to come inside your house and look through your bank account records, view your checkbook routing number and account number, and jot down the 16-digit numbers of your
- Fake Funeral & E-mail Scams: Recognize & Avoid
How does a funeral scam work in the first place? This is something that I, as a security analyst, teach to the consumer public. First of all, the fake funeral scam starts off with an e-mail. The fraudulent e-mails come disguised as a notification for a funeral. The Better Business Bureau describes how the funeral scam
- Beware of Apple ID Phishing Scams
You may have been scammed after you responded to an e-mail that appears it came from Apple. When hackers send e-mails that appear to come from a legitimate company like Apple (or Google, Microsoft, PayPal, etc.), with the objective of tricking the recipient into typing in passwords, usernames, credit card information and other sensitive data,
- Look out for Shipping E-mail Phishing Scams
Stop clicking on e-mails about your package delivery! Scam, scam, scam! Look, it’s simple: Scammers are also pretending to be from the DHL and FedEx shipping companies, not just UPS. Crooks know that at any given time, thousands and thousands of U.S. people are waiting for a package delivery. So these cyber thieves send out mass e-mails by