Phishing is a fraudulent scam in which hackers or scammers attempt to fraudulently obtain information from you for malicious reasons. They often disguise themselves as a trusted source, like your bank, university, or service provider, and they’re looking for sensitive information, like usernames, passwords, and financial account information. They appear to be a trustworthy source, but are in fact trying to scam you. Phishing scams mimic the process of fishing—only, you’re the fish. Scammers put out a lure in the form of a fake form of communication (usually an email that leads to a fake website) in the hopes they will bait you by getting you to bite and provide the sensitive information. There are several key indicators you may be falling victim to a phishing scam, as well as ways to ensure you will not be baited.
If you receive an email that you’re concerned about, review it to see if you can find any of the top red flag indicators. The scams often try to panic the recipient, making them think they’re a victim of fraudulent activity and need to act immediately or they will lose their account. Often, the email will not be addressed to you, the recipient. If it were coming from a legitimate source, they would know your name. Do you recognize who the email is coming from? Were you expecting an email of this sort? Do they address you using your name in the body of the email, or does it say customer? If you use the company’s resources, they should know your name. Make sure the body of the email doesn’t have any obvious indicators that something corrupt is going on. For instance, an email that says you’ve exceeded the number of attempts allotted to access your account when you’ve not logged in recently is an obvious red flag. The email shouldn’t be littered with grammatical errors either. They also (obviously) shouldn’t be asking for any sensitive information.
However, scammers are smart. Some of them may have corrected all these simple mistakes already. They know your name and the body of the email appears legitimate. So what do you do to prevent being a victim of a vicious phishing scam? For starters, don’t click on the links in the emails. Chances are, if you use the company a lot, you already have them bookmarked in your browser. Otherwise, use a search engine to type in the company’s name and the link from the potentially fraudulent email to go to the correct site. The email is legitimate if you see the same information when you log into your account on the legitimate site. This process is the only way you’ll guarantee you land on the legitimate site. Clicking on theirs will take you wherever they want you to land, and while it may look convincing, giving them the information they request will put you in danger. Read your emails in plain text so you can see where image URLs are directing you. Be sure you also install a good tool that will determine if the website you’re on is safe or malicious. Of course, you should also have a good antivirus solution.
If worse comes to worst and you believe you’ve fallen victim to a phishing scam, you should immediately change all your passwords, especially if you use the same or similar passwords for multiple sites. Once they have your information, hackers will be trying to access all your other accounts. File a phishing scam complaint with the FTC. Then, be sure to call the computer experts at Dijital Majik in St. Cloud, MN and bring your machine in to have any threats addressed.