How to detect Phishing Scams!



The most common Internet scams



 

How Phishing Scams Work

Phishing scams are now a part of everyday life. It’s important that you know how to spot one and avoid becoming a victim.



Overview of Phishing Scams

Phishing scams are just another attempt to get valuable information. Scammers send a mass email to every address they can find. Typically the message will appear to come from a bank or financial institution. The email states that you should update your information for one reason or another, and they usually provide a link that you can click to do so.

This all sounds reasonable and it may look legitimate, but phishing scams are anything but legitimate. The link provided does not take you to the financial institution’s website. Instead, you’ll be submitting your information to a website run by the scammers.



Why Scammers Use Phishing Scams

Why would somebody do this? Well, you can gather a lot of juicy information with a phishing scam.

First, you can get somebody’s account number and password. Then you can try to hijack their assets. Some phishing scams ask for all of your personal information (SSN, mother’s maiden name, date of birth, etc.) so that they can steal your identity and open credit accounts in your name. Some victims of phishing scams have given up their credit card numbers only to find that the card was used fraudulently.



Why People Fall for Phishing Scams

Anybody can be tricked by a sophisticated phishing scam. Simple phishing scams are easy to spot, but the best scammers are actually pretty smart. They use a variety of tricks to make the phishing scam look like a legitimate process. For example, they might include a graphic from the bank right on the email message or website. Or, the link provided in the email may look like it goes to the bank’s website while the victim is actually sent to a very different site.



How to Spot Phishing Scams

It is easy to uncover a crude phishing scam. For example, if you get an email from a bank you’ve never opened an account at, then don’t follow the link and enter your personal information. Now, if you actually have an account at the institution it gets more interesting.

You’ll want to look at the message carefully to see if it is a phishing scam. Are words misspelled? Sometimes scammers operate in a second language and they give themselves away by using poor grammar.

You should also examine the link provided. Does it really go where it appears to go? For example, I could tell you that I’m giving you access to the government’s Top Secret Database at https://www.TopSecretDatabase.gov but if you click the link you’ll find that you’ve been directed to a different site. The best way to prevent this is to copy and paste the link (don’t click it) to your address bar. However, you can still get tricked by URLs that look legitimate but have one or two letters switched.

The best way to avoid becoming a phishing scam victim is to use your best judgment. No financial institution with any sense will email you and ask you to input all of your sensitive information. In fact, most institutions are informing customers that “We will never ask you for your personal information via phone or email”.



Advice for Victims of Phishing Scams

If you have been snagged by phishing scams in the past, you need to be vigilant. First, let your financial institution know what happened. They will likely want to pursue the scammer, and they will monitor your account more closely. Next, I always suggest that victims of phishing scams put a fraud alert on their credit report by contacting one of the major credit agencies. Finally, you’ll need to keep a close eye on your mail and your accounts. If statements stop showing up or if you see unusual activity, call your bank immediately.



How You Can Prevent Phishing Scams

Let’s all work together to prevent phishing scams. If you receive a suspicious email, report it. You can send it to the US Federal Trade Commission at spam@uce.gov or you can just click the “Report as Junk” (or similar) button on your email program.



Some Tips:

How to tell if an e-mail message is fraudulent

Here are a few phrases to look for if you think an e-mail message is a phishing scam.


"Verify your account."

Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail.

If you receive an e-mail from Microsoft asking you to update your credit card information, do not respond: this is a phishing scam. To learn more, read "Fraudulent e-mail that requests credit card information sent to Microsoft customers."


"If you don't respond within 48 hours, your account will be closed."

These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing e-mail might even claim that your response is required because your account might have been compromised.


"Dear Valued Customer."

Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.


"Click the link below to gain access to your account."

HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.

Notice in the following example that resting the mouse pointer on the link reveals the real Web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's Web address, which is a suspicious sign.


© by GSO •  Contact