October 15, 2019
Did you know that the FBI’s Internet Crime Complaint Center reported that $30 million was lost to phishing scams in one year? Phishing is a cyber-crime in which an unsolicited email or text message is sent by a fraudster who works to extract sensitive personally identifiable information, banking and credit card details and passwords. Below are some tips about what phishing looks like.
- Be mindful of the most common signs of a phish: unexpected emails or texts with generic greetings, embedded hyperlinks, attachments or grammatical inaccuracies. These messages often convey a sense of urgency.
- Spear phishing attacks are more sophisticated, as the fraudster uses information they have gathered about you specifically to tailor their message to appear more legitimate. They will likely come in the form of a message from someone you know and trust – such as your bank, an online retailer that you shop with, a known friend or acquaintance in your email contact list … and even your boss! Around the holidays, fraudsters deploy phishing emails that look like they are from UPS, FedEx or another delivery service with “an important update about your package delivery". If you receive a strange message from someone you know that asks you to pick up gift cards, wire money, or “update” your account or other credentials, be sure to report it or delete it immediately. If the message contains a hyperlink or attachment – do not click or open the attachment! By clicking or opening, that is how fraudsters infect your machine with malware.
- Vishing attacks, similar to phishing, are from cybercriminals who contact you by phone impersonating someone in a position of authority. To protect yourself, do not provide any account or login information over the phone and try not to answer phone calls from numbers you don’t have stored. And, please – don’t trust your caller ID – call spoofing (the fraudster makes their phone number look like it is from someone you know and trust) is prevalent. Learn more about vishing attempts here.
- Do not share passwords or email accounts
- Do not act on unsolicited emails requesting or offering money, a gift card or another immediate action. Remember that urgency or secrecy in a message usually means that it is fraudulent.
For more information on phishing attacks, click here.