Phishing scam websites have become more sophisticated and devious with today’s technology. The phishing scam itself has also become more innovative in its agenda to persuade the innocent to reveal personal information, account numbers, passwords, and all manner of encrypted information that can be devastating in the hands of the unscrupulous.
|SEE ALSO: The Internet Glossary|
What is Phishing?
The term “phishing” developed into a criminal buzzword in the 1980s as a play on the sport of fishing, in which bait and a line are used to lure and trick the fish to bite on the lure and become a meal for the person doing the fishing. On the internet phishing platform, you are the fish. An email sent to you that will induce you to provide your bank information or other personally sensitive information constitutes the bait, and the dialogue or fictional text that convinces you to trust the untrustworthy is their line. Once you have responded to their line, you are considered to have given them a bite, which is access to incredibly damaging information about your personal or business accounts.
Phishing is a very widespread practice and statistics report that everyone on the internet receives at least one contact per day. This page on Microsoft’s Safety & Security Center explains how to recognize phishing email messages, links, or phone calls. Some examples of phishing scams currently making the internet rounds are:
- A letter from Africa revealing an inheritance that cannot be claimed due to political unrest in their country. They ask you to provide information for depositing the funds in your name at your banking institution, offering a sizable reward for your cooperation. This is a scam.
- Another current phishing scam favorite is to write as though the sender is an American military young person serving abroad who needs your help desperately. This is a scam.
The scammer always offers the fish a sizable reward for assisting them as bait. It all is, of course, pure scam and the most elementary fiction. Nonetheless, people from all walks of life have fallen for phishing scams, much to their regret and loss. One national crime story revolved around an American family wherein the wife had fallen for a phishing scam and lost several thousands of dollars of the family’s small savings, and even plunged them into serious debt. The couple’s marriage suffered to the extent that the wife eventually murdered her pastor husband in a moment of fear of reprisal and shame.
How Phishing Works
The process of phishing is that of a confidence artist, where a targeted individual (you) receives contact by email or telephone by someone posing as a trustworthy person or officer of an institution to lure the individual into providing banking information, credit card details, and/or passwords that then permit the stranger open access to private and business accounts. They also can install malware or virus interruptions to your online services, which enable them to use your online contacts to bilk money from you, as well as others on your web lists. This article on StaySafeOnline.org delves deeper into how phishing works and how to avoid being a victim.
Phishing and Identity Theft
In reality, the internet territory is a very slippery slope. All too often, users slide right into identity theft—your identity. Most phishing emails claim legitimate sources and websites. The emails ask users to enter bank details or other personal information. There are also phishing websites which look exactly like real ones with logos, trademarks and page layouts that emulate the real thing.
If provided with a hyperlink to click and provide information, do not ever click or activate the hyperlink, as that may be sufficient to install malware or a hack onto your internet identity. It is far better to simply telephone your banking institution to check out the email contact. You can read more on identity and other kinds of theft in our Theft Definition article.
Anti-Phishing Software and Reliability
While it’s smart to be aware of the most common scams, it never hurts to arm yourself further against phishing. Types of software are available that specifically address phishing threats. Using such a software is not overkill because if your information falls into the wrong hands, you could be in real dire straits. Anti-phishing software can be built into your browser or can be a standalone software, and both work in a simple and useful way. Information about known phishing scam sites are stored in these programs, which alert the user when he/she stumbles into dangerous sites. Many free options are available and a simple web search on trusted sources will give you several choices to choose from.
Not all anti-phishing software is what it purports to be though. It pays to do a little research before downloading and installing software. Studies returned mixed results in effectiveness of anti-phishing programs. Make sure to research before you select one. You can learn from the mishaps of others by reading reviews and complaints. It pays to avoid anti-phishing software that does more harm than good.
How to Avoid Being a Phishing Scam Victim
The best cure for phishing is prevention. Delete all received email and text contacts that ask you to confirm or provide personal information, and know for a fact that legitimate companies don’t do that. Messages may appear to be from organizations known to you. They might threaten to close your account or take other action if you don’t respond to their contact. Don’t reply, and don’t click on links or call phone numbers provided in the messages, either. These connect you to spoof sites that steal your information so a scammer can run up bills or commit other horrendous crimes in your name.
Area codes mislead. Some scammers will ask you to call a phone number to update your account or access an alleged refund, but having a local area code doesn’t mean a thing. If you’re worried about your account or need to reach an organization, call the number on your financial statements or on the back of your credit card. Find the official contact information of the organization and use it, instead of anything provided by the alleged scammer. Phishing scammers prey highly on the elderly. Many times, the age of the victim is the most important phishing information they need.
Here are some precautions you need to always follow:
- Use trusted security software and set it to update automatically. In addition, use sound computer security.
- Don’t email personal or financial information. Email is not a secure method of transmitting any kind of personal info.
- Only use an organization’s website if you typed in the web address yourself.
- Review credit card and bank account statements as soon as you receive them for fraud.
- Be cautious about opening or downloading files, regardless of who sent them.
What to Do If You’ve Swallowed the Phishing Bait
If you have been tricked by a phishing email, there are a few things you can do:
- Forward phishing communications to the company being impersonated.
- You may also report phishing to [email protected]. Antiphishing.org is a group of ISPs, vendors, financial organizations and law enforcement entities, all of whom use reports from citizens to fight phishing attacks and scam websites.
- Fill in a Federal Trade Commission report at https://www.ftccomplaintassistant.gov.
Offline is a Danger Zone, Too
Use caution when offline, too. Sometimes, the info you cast aside is valuable to a con artist. Lock documents and records in a safe place, and lock your wallet or purse in a safe place at work. Keep information secure from roommates or workers around you.
- Limit valuables on you. Take only the identification and debit cards you need. Leave your Social Security card at home and make a copy of your Medicare card and black out all but the last four digits on the copy to keep it private, unless you are taking it to a doctor’s office that same day.
- Shred receipts, applications, insurance, statements, checks, bank communications and expired cards when you don’t need them any longer.
- Destroy prescription bottle labels before discarding. Don’t reveal any health plan information with anyone.
- Take all outgoing mail to collection boxes or the post office and remove mail that arrives ASAP. When you order new checks, don’t have them mailed to your home unless you have a secure mailbox with a lock.
Safely Dispose of Personal Information
Before you dispose of:
- A computer, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.
- Before you dispose of a mobile device such a phone or tablet/notebook, check your owner’s manual and website for information on how to delete information permanently or transfer information to a new device. Remove the memory stick or SIM card.
Encrypt Your Data
Online, you can use encryption software that thoroughly encrypts all information you send over the internet. A “lock” icon on the browser means exactly that. Look for the lock every time you send personal or financial information over the information highway. It is called that for a good reason!