Phishing or Fishing – Someone or something is on the hook
Written by Rob Saunders, April 1, 2015
When you talk about fishing, the goal is to go to the lake and catch some fish. When you talk about phishing, the goal is to send emails and catch someone’s information. In either case, something or someone is in trouble.
Fishing you know all about, so we will talk about phishing and why it is a problem. The purpose of a phishing email is to get you to click on a link that you would not normally click on so the bad guys can get information from you or your computer that would benefit them. They are good at it and very convincing. They are masters of deception and know what makes people react, and they take advantage of that every day. Below are some examples of possible phishing emails.
- An email from USPS saying they need information to deliver a package
- An email from Fedex saying the same thing
- Any email from the IRS
- Emails from Amazon or any other popular mail order type company saying they need information to deliver a package
- Email offering a free pizza from Pizza Hut
- And any other popular topic that would get your attention
First a statistic then some ways you can avoid these scams. The statistic is when ten emails sent in a phishing attack, there is a 90% chance you will open one of them. This is why there are so many of this type email – it is “easy money”.
You do not want to be one of the 90%; it is easy; you just need to be aware and educated.
- Do not click on a link or attachment in any email quickly – take your time.
- Take note who is sending the email. Look at the email address not the name of the person that comes before the email address. That information can be anything they want it to be. If it looks suspicious, don’t click on it.
- If the attachment is a.ZIP file and you are not expecting it, stay away from it. Resist the temptation to open it. It is bad.
- If they are asking you to click on a link and it is not something you are expecting, don’t do it. If you have a Windows computer, you can mouse over the link, and it will show you where it will take you. If you have an Apple device, you can click and hold (I don’t like doing that) and it will give you options including where it will take you.
- You need to pay attention to the link you are looking at above, for example, www.package.fedex.com would be a legitimate address. You can have something with a “.” then the URL (Fedex.com) that is okay but www.fedex.iwantyourinfo.com would not be a good link. These can be very deceptive and easy to miss. Take your time.
- Think. Are you really expecting a package or information from that company? If not delete the email or call the company sending the package.
- Lastly, if all else fails, call the person, if you know them, or company and ask them but do not use the provided phone number in the email. It may not take you to the company at all. Look them up if needed by going to their website. Do not do a search for the phone number. They will put fake phone numbers out there.
I know this is a lot. There is a lot more, but this is a good start. Older people are easy targets for these and other scam artists. You do not want to be their next victim. Below is a list of things you should never include in an email to someone – even someone you know and trust, others can see your emails.
Social security number
Driver’s license number
Date of Birth
Credit Card Number
Bank Account information
If you do feel a need to provide even the most innocent pieces of information to a person that sent you an email such as name, address, phone number you may think that is nothing. It is their way of gaining your confidence and eventually they will ask for more information.
Do not play with these people. You may recognize that it is a phishing email, and you want to communicate with them knowing that they are bad but you can control the situation – don’t. These are bad people and are not playing. If you get a phishing email, delete it and move on to other more pleasant activities.
By Rob Saunders