Who are Phishers?

Phishing is a type of crime. Thieves cast out the bait and hope the targeted victims will latch onto it, and once they’re hooked, they’re reeled in for the kill, slowly roasted over the open flame.

Some phishers operate solitarily, while other phishers work in an organized crime ring. But the ones who work in solitude do quite well nonetheless. Phishers operate from all over the world, including the U.S. and Russia.

In fact, at least one notorious phishing ring operates from Russia. But solitary phishers can be anywhere, including developing countries that are discovering the wonders of cyber technology.

Phishing typically involves e-mail, but it can also be carried out via snail mail, fax, phone, flyers, even door-to door. The common denominator is that the phisher tricks the victim into revealing valuable information that the thief later uses to gain access to the victim’s money, or, the victim is tricked outright into giving out money.

For example, a simple phishing scam could be a healthy woman posing as a cancer patient (shaved head, cosmetically applied pink colorations to her neck to mimic radiation burns from treatment) soliciting for money to help cover the cost of treatment. She evokes sympathy from coworkers and neighbors, and they give her money—which she spends on gambling or a trip.

There are countless ways phishers get victims to hand over their credit card number or wire over money.

A common way is to take advantage of a high profile disaster, such as Katrina relief or Ebola aid. A phisher may be someone at your door posing as a rep from a utility company wanting to check your furnace. He wants to gain access to your personal information.

The most prolific method of phishing is the e-mail.

The subject line lures the recipient into opening the message. They’re further lured into clicking the link inside or the attachment.

At some point along this chain, the recipient then types in personal information like a credit card number or password and username, believing they’re giving this information to a big outfit that services them, such as eBay, Microsoft, PayPal, their bank or credit card company.

The e-mail may also appear to be from someone they know, and the message might be a simple as “Check out this video!” and the recipient clicks, downloading a virus.

Don’t Take the Bait

  • The subject lines of phishing mails are dead giveaways that they’re scams. The subject lines may be: 1) Blank, 2) Pitch for a weight loss drug, anti-wrinkle cream, sexual performance enhancer, etc., 3) Threat to suspend your account, close out your credit card or cancel a service you have, 4) Warning you’re in trouble for owing back taxes, 5) Claim you won a prize, 6) Plea for your help or 7) Some oddball line such as “Dear Friend” or “Get back to me.”
  • Another red flag is if someone with whom you’ve had previous e-mail correspondence suddenly sends you a link or attachment, especially if there’s no accompanying message, or the message is out of character, such as a past client of your business suddenly sending you—and 50 other people from their address book—a link. A phisher hacked into this person’s e-mail address book!
  • Delete e-mails asking for any personal information. Reputable companies don’t make these requests.
  • Never click links inside e-mails or attachments you’re not expecting.
  • Never fill out forms inside e-mails.
  • Keep in mind a spam filter, which you should have, won’t filter out all the scams.
  • Be highly suspicious of messages with typos, even slight.
  • Never provide your Social Security number online!
  • Each online account that you have should have a different password, and a long and strong one.

Get in the habit of deleting e-mails you’re not expecting.