Tips to help you identify common phishing scams and take steps to avoid trouble
If you spend any time online, you've probably been the target of a phishing attack. This is when a scammer pretends to be from a reputable company to get you to reveal personal information they can use for their own gain. They do this through a number of communication mediums, including emails, website pop-ups, text messages and even mobile apps. Here are some tips to help you spot the most common phishing scams and take the necessary steps to avoid trouble.
Common Email Phishing Scams
Email phishing scams take on the appearance of a legitimate email. They may even appear to be from a company you're familiar with (such as Amazon, Costco or Netflix), to take advantage of your trust and gain personal or financial information. Here are some common email scams:
Foreign lottery. Congratulations! You just won a big prize! Unfortunately, it's often in a foreign country, and you must pay a small amount upfront to receive the larger reward.
Survey says. You get a request to take a survey for a social issue you may care about. When you click the link, you get infected with malware.
Bank on it. You receive an email saying there is something wrong with your bank, Netflix or PayPal account “that needs your attention.” You're then directed to a fake site where you are instructed to log in so they can steal your user name and password for the actual site.
Common Phone Scams
Phone scams come in many forms. Some seem friendly, while others try to use intimidation. Either way, the goal is to get your personal information and money. Here are some common phone scams:
Fix your credit. Give them some money and they promise to “fix” or “remove” your debt.
Please give now. You need to give money today to help these people in need.
Extended car warranties. Almost everyone with a cell phone has had one of these robocalls. The scammers access public purchase records to try to sell you overpriced or worthless car warranties.
I think I might be getting scammed. What should I do?
If you think you've received a suspicious communication, here are some questions to ask yourself to defeat the scam before it even gets started:
Does it pass the eye test? Phishing emails often contain a number of spelling, punctuation and grammar errors. In addition, the email may contain an embedded logo of a well-known company (to try to make it look “official”) that looks a bit fuzzy or blurry. If you read through it and spot any of these things, it's a pretty good bet that it's a scam email.
Is this asking for too much information? Be on the alert if anyone seems to be asking for sensitive information, like your Social Security or bank account number, even if you are talking to a company or bank you do business with.
Do I know you? Ask this simple question before responding to a message. First, check to see if you recognize the sender's name and email address. If you don't do business with a particular company or haven't requested information from it, don't click on any links or take any surveys.
Do you know me? Avoid communications that lack personalization. “Dear valued customer” is your clue to ignore it.
Is this a legitimate link? Before clicking on a link, hover over it with your mouse to see if the URL looks legitimate.
Am I on the web page I think I'm on? Before logging into an online account, make sure the web address is correct. Phishers often counterfeit legitimate websites, hoping to trick you into entering your login details.
Is it too good to be true? Avoid “free” offers or deals that sound too good to be true.
Is my security software active? Always use comprehensive security software to protect your devices and information from malware and other threats that might result from a phishing scam.