How to recognize phishing – email and other kinds

By | May 28, 2011

Phishing is a type of deceptive email or message designed to get you to take action and divulge  your valuable personal data, such as credit card numbers, account IDs, or passwords, other account data and passwords, or other personal or financial information.

You might see a phishing scam:

  • In e-mail messages, even if they appear to be from a coworker or someone you know. Email “from” address are very easy to forge.
  • On your social networking Web site.
  • On a fake Web site that accepts donations for charity or offers to help victims of a recent catastrophe.
  • On Web sites that spoof familiar sites using slightly different Web addresses (typo-squatting or cybersquatting) hoping you to fool you – or that you won’t notice.
  • In your instant messaging program.
  • On your cell phone or other mobile device.
  • On your home telephone

Most often though, phishing scams rely on getting you to click links in e-mail messages. These messages often seem to come from a service that you trust, like your bank, credit card company, or social networking site. The links often lead to Web sites that look identical to sites you know and trust. Sometimes, unless you look at the address in your browser’s address bar, you cannot tell these cloned sites from the real site. That’s why it’s so important that you never click links in suspicious emails, even if the emails appear to be from someone you know and trust. Email headers and “from” addresses can be easily forged even by those who are not computer experts. It’s very easy to do.

Here are a few phrases to look for in email messages that practically scream out “this is a phishing scam”.

“Verify your account.”

Legitimate businesses never ask you to send passwords, login names, Social Security numbers, or other personal information via email.

If you ever receive an e-mail message from Microsoft asking you to update your credit card information, do not respond to it: this is a phishing scam.

“You have won the lottery.”

The lottery scam is a common phishing scam known as “advanced fee” fraud. The most common form of this type of fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. If you didn’t buy a entry to a lottery, you could not have won a lottery, could you? Common sense should be your guide here.

“If you don’t respond within 48 hours, your account will be closed.”

The sense of urgency that these messages convey tries to induce you to respond immediately without thinking. Ah, see? Common sense prevails. Never click without thinking. Use the common sense you apply everyday in your normal life to the Internet – and especially email.

In another version of this, an email message might claim that your immediate response is required because your account may have been compromised.

“You have been doing illegal things on the Internet”

This type of phishing email may appear to have come from your ISP or even from the police or other authorities. Police aren’t going to notify you by email that you’ve been doing illegal things. They’d be at your door with a search warrant. Your ISP isn’t going to write you about your illegal activities, they’re going to notify the authorities who will then appear at your door with a search warrant. Think! Even if you have been doing illegal things with your computer – which we know you haven’t, you’re not going to be notified by email that you’ve been caught. Think about it. Why would the FBI or police tip you off first? So you could take off for Lower Slobovia and avoid arrest? Think!

“Your ISP is going to suspend your account”

Oh really? It’s not even from my ISP – and even if it appeared to be, my ISP is not going to notify me by email. They have my home address and phone number. Think! Don’t fall for this one.

While most phishing scams occur on the Internet these days, cellphone scams are increasing. We both have cellphones and if we get a call from a number we don’t recognize we simply don’t answer it. After they’ve called we google the number to see who called us. Almost never do these scammers leave a message.

Yesterday for the first time, we became aware of landline phone scam. The call appears to come from Capital One, the number is 866-849-2343. It appears to be Capital One bank, toll-free number. It’s not. It’s a scam using a forged phone number….here’s an example of one of the reports about this scam….

“(I) Got a call from 866-849-2343. An Indian or Pakistani guy answered. He said he was in India. Transferred me to Customer Service in Louisiana. 1800-262-5689. I talked to a lady she said she was with Capital One Customer Service. This whole thing is a scam….”

Phishing has left its birthplace (email) and is now being used to scam you using cell phones and home phones too.

You can defeat any phishing scam with nothing more than the gray matter between your ears. Use your head. To make things a little easier always use the most updated version of your favorite browser. All major browsers come with good phishing and fraudulent Web site detection. And needless to say, keep your antivirus and antispyware up-to-date.

Leave a Reply

Your email address will not be published. Required fields are marked *