How to Recognize Phishing Emails and Text Messages
Phishing is, by far, the most common way miscreants steal your personal information and even your identity.
Millions of people are tricked into giving up their personal information to criminals every single day. Almost always, this happens because these poor folks were tricked into clicking links in phishing emails or opening links in text messages.
Phishing is a type of deceptive email or message that’s designed to trick you into divulging personal information, such as Social Security numbers, credit card numbers, account usernames, and passwords, as well as other sensitive information such as your cell phone number, home address, sensitive account data, passwords, or other personal or financial information.
You might see a phishing scam:
In e-mail messages, even if they appear to come from a coworker or someone you know. For computer-savvy criminals, email “from” addresses are easy to forge.
On your social networking Web site.
On a counterfeit website that accepts donations for charity or offers to help victims of a recent catastrophe.
On websites that spoof familiar sites using slightly misspelled Web addresses like mircosoft.com (it’s called typo-squatting or cybersquatting) hoping to fool you – or just hoping you won’t notice.
In your instant messaging program.
Spam, smishing, vishing voice calls or text messages on your cell phone.
Voice calls to your home telephone (vishing).
Most often though, phishing scams rely on getting you to click links in emails or text messages. These messages often appear to come from a company or other entity you trust, such as your bank, credit card company, your favorite online shopping sites, or social networking sites. The links often lead to counterfeit websites that look identical to sites you know and trust. Sometimes, unless you look at the address in your browser’s address bar, you cannot tell these counterfeit sites from the authentic site. That’s why it’s so important that you never click links in suspicious emails, even if the emails appear to be from someone you know and trust. Email headers, “from” addresses, and “from” phone numbers, can be easily forged even by those who are not computer experts. It’s easy to do.
What to look for…
Here are a few phrases to look for in messages that practically scream out “This is a phishing scam”.
“Verify your account.”
Legitimate businesses never ask you to send passwords, login names, Social Security numbers, or other personal information via email.
“You have won the lottery.”
The lottery scam is a common phishing scam known as “advanced fee” fraud. The most common form of this type of fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. If you didn’t buy an entry to a lottery, you could not have won a lottery, could you? Common sense should be your guide here.
“If you don’t respond within 48 hours, your account will be closed (or suspended).”
The sense of urgency these messages convey tries to induce you to respond immediately without thinking. Ah, see? Common sense prevails. Never click without thinking. Use the common sense you apply every day in your normal (non-internet) life to the Internet – especially when it comes to email and text messages.
In another version of this, an email message might claim that your immediate response is required because your account may have been compromised.
“You have been caught doing illegal things on the Internet”
This type of phishing email may appear to have come from your ISP or even from the police or other authorities. Police aren’t going to notify you by email that you’ve been doing illegal things. They’d be at your door with a search warrant.
Your ISP isn’t going to write you about your illegal activities, they’re going to notify the authorities who will then appear at your door with a search warrant. Think!
Even if you have been doing illegal things with your computer – which we know you haven’t, you’re not going to be notified by email that you’ve been caught. Think about it. Why would the FBI or police tip you off first? So you could flee to Lower Slobovia and avoid arrest? Think!
“Your ISP is going to suspend your account”
Oh really? It’s not even from my ISP – and even if it appeared to be from my ISP is not going to notify me by email. They have my home address and phone number. Think! Don’t fall for this one.
Most phishing scams use email and cellphone calls or text messaging to fish (“phish”) for victims.
Phishing is used to scam you via email, cell phones, and home phones too.
You can defeat any phishing scam with nothing more than the gray matter between your ears. Use your head. Always keep your favorite browser up to date and use a good antivirus / anti-malware program.