This will be the 1st of a 3-part topic about an inevitable problem that any of us who use the computer will face at one point or another. It’s called Phishing. It’s a new word in today’s lexicon and there are numerous types of attempts to compromise your personal data. Unfortunately, in an unregulated internet, there will be bad people out there trying to take advantage of unsuspecting users and catch them off guard. They hope that one small slip by you the victim will give them what they need to gain what they want. No matter what their intent is, their end game is usually all about making money in the sneakiest of ways.
Law enforcement is doing more and more these days to prevent and prosecute those who enact cybercrimes and attacks, but staying safe always starts with you the user. Here are some quick tips for staying safe online. You’ll never be 100% protected online, but these tips can lower the probability of becoming a victim of a cyber-attack.
HELP! I’m stranded in another country…..
We’ve all gotten one. Hopefully by now we are pretty numb to it since it’s been happening for years. A friend sends an email claiming to be stuck in a foreign country and needs money to be wired to them. They’ve lost their passport, wallet, etc., etc. It’s the oldest trick in the book. Just delete it. If you are still worried about your friend- call them on the phone. If they deny being stuck, then tell them they need to change their email password immediately. Unfortunately, any email provider has the ability to be compromised. As a rule of thumb, we like to recommend changing your email password at least TWICE a year- even if you have no issues. It will keep the hackers one step behind you.
Emails from Other Businesses
Hackers like to imitate other companies and steal their logos and other elements to send out an email. For instance, take this one.
Many things tipped me off about this email. First, and most obvious, I don’t have any accounts with BoA. The culprit is just taking a shot in the dark hoping that maybe I do have an account and be caught off guard. However, let’s assume you are a customer of BoA. What if you were still unsure? One way to know would be in most email programs you can hover your mouse over the person’s name in the “From” section. When I do this, what appears is this:
Even though the “From” name said Bank of America, the email address that was used was an email ending in “@alertsp.com” (also known as the Domain Name). A legitimate email from BoA would have been sent from an email ending in @bankofamerica.com. More than likely the scammer purchased a domain for a few bucks with the intent on mass emailing thousands of people hoping that one unlucky person falls for their tricks.
A deeper look into the email reveals a link.
That’s what the scammer is hoping you click on: that blue “Sign In” (which is known as a Hyperlink in the tech world). When I logged into my email in Google Chrome, I carefully placed (NOT CLICKED) my mouse over the “Sign In” link. It revealed something very peculiar about it.
The link wants to take me to a website that is obviously not BoA. Most email programs will reveal the web address of the blue hyperlink by hovering a mouse over the link. Hovering over the link is not dangerous. Just be careful not to EVER click on the hyperlink or you risk getting a virus.
Finally, in a more ironic strategy, I find that most phishing emails have misspelled words or bad grammar. Look at this.
Their English teacher would be so disappointed. This is not because they were bad students. This most always points to the fact that the person doing the phishing is from another country and doesn’t speak English. Their less-than-perfect translating will usually yield a misspelled word or two.
Next time, I’ll talk about phishing attempts when surfing the web. Stay safe!