Phishing scams: Please don’t feed the phish
One of the most common ways for hackers and criminals to get your private information is via a technique called phishing. In essence, some ne’er-do-well creates a fake website, email, or some other method to confuse you into coughing up your information. The way they do this is to copy legitimate emails or pages, complete with copyrighted photos, taglines, the works. That way, at first glance, the email or page looks perfectly legit. Here’s an example:
This is something a family member got recently; they almost opened the attachments, but called me first to confirm. First, notice the fact that this is in Italian. None of my family speak Italian, nor have they been to Italy, so that’s one rather obvious clue that this isn’t legit. Another is the email address. Anything from a legitimate Apple address would end in apple.com, not the convoluted email address shown above.
In fact, here’s a better example:
Here, the sender took the step of actually using the legitimate PayPal logo, and what looks at first glance like a legit PayPal email address but, on a closer look, is not. Also, note the grammar, the suspicious tone of the message, as well as the fact that the link doesn’t go to a PayPal address. The fact that it doesn’t is a dead giveaway that whoever is behind this phishing email is trying to get your info so they can drain your PayPal, bank account or whatever else is tied to your PayPal account.
So here are some things to look out for if you suspect you’ve received a suspicious or phishing email:
- Check the email address. Is it actually from the company? Even if it looks close, make sure that it really is from the company…
- Look for spelling and grammatical mistakes. Most phishing attacks come from overseas. Not everyone overseas has a full grasp of English, and some just use Google Translate, so there may be some obvious mistakes.
- Hover your mouse over the link but DO NOT click it. If the link doesn’t go to the website belonging to the company, then it’s definitely a phishing scam.
- Use your head. Even if everything does look legitimate, it’s sometimes best to err on the side of caution and call the company to verify that they sent it and that what the email claims is true. If not, then feel free to delete it at your convenience.
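The sender-address and link checks from the list above can also be done by a script. The Python below is an added example, not something from the original post: the function names and the sample message are constructed for illustration, and it treats a host as belonging to the company only when it is the company's domain or a subdomain of it, so look-alikes that merely contain "paypal.com" fail.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):  # gathers each <a href>: what hovering reveals
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def check_message(raw, claimed_domain):
    """Return findings for a message that claims to come from claimed_domain."""
    msg = message_from_string(raw)
    findings = []
    # Use the real address from the From header, not the display name.
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not belongs_to(sender_host, claimed_domain):
        findings.append(f"sender domain {sender_host!r} is not {claimed_domain}")
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            payload = part.get_payload(decode=True)
            collector.feed(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    for href in collector.hrefs:
        # Judge the link by its real target, never by the text shown to the reader.
        host = urlsplit(href).hostname or ""
        if not belongs_to(host, claimed_domain):
            findings.append(f"link goes to {host!r}, not {claimed_domain}")
    return findings

# Constructed sample message (not the email discussed in this post).
SAMPLE = """\
From: "PayPal Support" <service@paypal.com.account-verify.example>
Subject: Your account is limited
Content-Type: text/html; charset="utf-8"

<p>Dear costumer, <a href="http://paypal.com.account-verify.example/login">https://www.paypal.com/signin</a>
or visit <a href="https://www.paypal.com/help">our help page</a>.</p>
"""

if __name__ == "__main__":
    for finding in check_message(SAMPLE, "paypal.com"):
        print("WARNING:", finding)
```

An empty result only means the sender and link domains match; it says nothing about whether the From header itself was forged, so the "use your head" step still applies.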