What Are Phishing Scams: How to Detect and Protect Your Personal Information
Let’s say you received an email from an online store you often use to make purchases. “Verify your account to continue using bonuses.” You followed the link from the email, entered your personal data and debit card details. Then you were asked to make a $1 “test payment”. During the payment, you had to enter a three-digit code from the back of the card. As soon as you entered this code, you received a message from the bank about money being taken out of the account. However, it was $1000, instead of $1. This is a typical example of a phishing scam. Let’s figure out how it happened.
Phishing Scams Definition
Phishing is a type of Internet fraud, the purpose of which is to obtain user identification data. This includes stealing passwords, credit card numbers, bank accounts, and other confidential information.
As for the example above, the letter to you was not sent by the store, but by cyber fraudsters. They tricked you into giving away your sensitive information. This type of fraud is one of the examples of phishing scams.
How to Identify a Phishing Scam
How can you identify a phishing scam? It is not always easy to predict the actions of fraudsters, but there are ways to avoid becoming a victim of phishing.
Pay Attention to the Sender of the Message
In most cases, scammers do not try to hide the address used for the dangerous messages. Sometimes scammers use addresses that are similar to those of the services they impersonate, but differ from the original in small details, such as the content of the letter or annotations to them.
Particular attention should be paid to the addresses of the pages to which the messages link. Contrary to appearances, you don’t have to click on a link to see where it takes you. Just hover your mouse over the link and wait until your browser or email program shows the URL hidden under the text. Be wary of links that lead to websites unrelated to the service provided.
Requesting Sensitive Data is Always a Scam
The basic principle of electronic communication security between service providers and their customers is not to send confidential data in correspondence. If you are asked to enter a username and password for a service because your account is blocked, you can be sure that the message was sent by criminals. However, if you have any doubts, it is better to contact the provider. Remember, neither banks, nor mobile operators, nor other services have the right to force you to send them personal data.
Keep an Eye on Attached Files
Criminals use malware to hijack sensitive data or compromise computers and entire networks. Most often it is hidden in ZIP or RAR archives, as files in the EXE or BAT formats. You should pay close attention to such attachments and scan them with an antivirus program before launching.
If you pay attention to these elements when analyzing suspicious messages, chances are you will not be fooled by scammers.
Types of Phishing Scams
Phishing scams come in several forms. Here are the most common ones.
The purpose of such a letter is to trick the recipient into transferring funds to a fake account. According to the FBI, such attacks result in billions of dollars in losses annually in the United States alone.
Clone phishing attempts to use real emails and messages that the victim has already received to create malicious versions of them. The hacker then sends a bogus email from a plausible-looking email address. The text of the letter remains the same, but all links and attachments are replaced with malicious ones. Many careless users take this bait.
It is a type of phishing attack that focuses on SMS and instant messengers. The fraudster tricks a person into downloading malware from the link provided in the message. In this case, the text of the message usually indicates something tempting, for example, “get a chance to win free tickets to the show.”
Vishing, or “voice phishing”, works roughly the same way. The hacker calls the victim and asks the victim for their personal or financial information.
How to Report Phishing Scams
It could be very helpful to report suspicious emails and messages. If you received a phishing email, forward it to the Anti-Phishing Working Group ([email protected]). If you got a phishing message, forward it to SPAM (7726).
Here are some helpful links to report phishing as well:
There are many examples of phishing scams. Stay alert, use caution, and watch for signs of a possible phishing attack.