Let’s Go on a Phishing Expedition Pt. 2

A phishing e-mail that impersonates a big, reputable company such as PayPal, eBay, Amazon, etc., can look very convincing. If only users realized how incredibly easy it is to build a message template that includes the impersonated business’s logo and other designs and formats.

But if the e-mail looks so much like the real thing, then how do you tell it’s a scam? By having some simple knowledge, and it’s this: It is very rare for a reputable company to send you an e-mail requesting that you type in your password, username, credit card number or other highly sensitive information!

Another tip-off is that these fraudulent e-mails will never know your full name, but even if your full name is there…just remember the big rule: Companies will not request your login credentials, credit card number, etc. But so many people don’t know this that the scammers are always hitting home runs.

In addition to the U.S., phishers have also been targeting Asia and Southeast Asia, and more countries. The type of scam may be determined by the targeted country. For instance, in India, where many people perform endless hours of hard labor, users get reeled in by the promises of job placement. In China, the type of phishing that baits people is the lottery scam.

The scammer’s goal is to get the recipient to wire them money, and sometimes, the scammer will build a romantic relationship in an attempt to really muddle up the victim’s sense of rationale.

Once the money is wired to the thief, the thief often won’t stop.

Why stop after just one transfer when you have a victim whose mouth is tightly clenched to the bait?

How can you prevent getting sucked into a major rip-off?

  • Never click a link that’s inside an e-mail, even if it appears that the sender is someone you know or a company you do business with. Just don’t click it! Don’t, don’t, don’t! Like junk mail that you don’t open, don’t click a link inside an e-mail.
  • Now you must practice some common sense, of course. If your spouse tells you he’s going to send you a link to an article, and shortly after it arrives, and the subject line says something like, “Here’s the article,” then I’d say it’s pretty safe to click that link.
  • But you should still be careful before you click.
  • If someone is asking your for financial or other personal information, do nothing but hit delete.
  • If you’re tempted to click the link (why would you be after reading what I just told you?), at least first call the company or text the person to see if they sent you the link. Don’t want to bother with this hassle? Fine, then don’t click the link! Delete the message. I’ve yet to hear of someone getting clopped on the head with a rolling pin, lose their medical coverage or job, or have their account suspended just because they didn’t open the link inside an e-mail.
  • Never fill out forms inside of e-mails.
  • If an e-mail seemingly comes from a business but does not address you by name, delete it.
  • And especially be suspicious of business e-mails that have typos.
  • Check your credit card and bank statements every month for any unusual activity and report any. This must be done immediately.
  • Keep your computer browser up to date.
  • There is a special toolbar that can be installed in your browser that will detect fraudulent websites.
  • Use anti-phishing protection for your browser.
  • When going to a website, always read the URL after you get there. Crooks have created websites to look like the legitimate thing, but the site address is one character off the real company’s address. The incorrect address either reflects the most common keystroke error that people make when typing, or it contains a replacement character that resembles the real character, such a Roman numeral 1 instead of the regular numeral 1.