Over the last few years there phishing incidents have been on the rise, playing havoc with many small business and individual users. Even large businesses can be a target. The only way for a computer user to avoid these threats is to recognize a phishing email/phone call and know what to do (or not do).
To understand what these threats are let’s start with the basics:
What is Phishing?
Phishing is an attempt to get someone to give sensitive information such as username, password, and credit card details (and sometimes, indirectly, money), by masquerading as a trustworthy entity in an electronic communication. These requests for information can come in the form of phone calls, but are most often received in emails with requests to open an attachment or login to a specific website.
Recognizing phishing email messages, links, or phone calls
Phishing email messages, websites, and phone calls are designed to steal money. Typically cybercriminals use the bait of an attachment to an email message or sending the unsuspecting recipient to a website to confirm their personal account information. Either way, they use the bait to install malicious software on your computer that can open your computer up to their probing. In addition, many of these malicious emails can install a stealth keystroke logger that will allow the criminal to stealing your keystrokes and personal information off of your computer. Cybercriminals can also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses.
What does a phishing email message look like?
A phishing email often looks very real. The scammers may use a similar copy of a logo of a legitimate business to get you to do what they want. Take a look at this example of a phishing email message.
How can I tell if a message is a scam?
Be suspicious. If an email asks you to login directly from a link when you have not asked for something from the company, don’t. Investigate if you are not sure. There are some tell-tale signs that a message may be a phishing attempt:
Beware of phishing phone calls
If you get a phone call from a legitimate software company like Microsoft that offers to fix a problem with your computer that they are seeing at their headquarters, it is most likely a phishing attempt. These calls typically end with a “technician” logging into your computer to resolve the issue and maybe even install new software. Once you allow the technician to login, your computer and your personal information is vulnerable. No legitimate software company will make unsolicited phone calls to charge you for resolve computer security or software issues.
Once a scammer has gained your trust, they often ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Treat these types of unsolicited phone calls with skepticism. Never provide any personal information such as social security number, credit card number, bank account number or any type of user name or password to these callers.
Report phishing scams
Whether you receive a phone call or see a pop-up window on your PC asking for information and feel uncertain it is from a trusted source, don’t take the risk and comply. Investigate. If you are still not sure, reach out directly to your trusted technical support experts. We, at Patricia Egen Consulting can help. We much prefer helping our clients avoid these types of issues before serious damage is done.
If you receive a fake phone call, you take down the caller’s information and report it to your local authorities. In the United States, use the FTC Complaint Assistant form at https://www.ftccomplaintassistant.gov/#crnt&panel1-1.
For help with issues such Phishing other related security issues, contact us at: (423) 875-2652 or firstname.lastname@example.org
Source: Parts of this article were taken from Microsoft.com website.