Identifying phishing attempts
Phishing is a type of email scam in which a fraudster poses as a trusted business or individual in order to obtain your personal information. This can include your passwords, account numbers, credit card information, Social Security number or any other sensitive information. The key to protecting yourself from phishing is to identify the red flags. Below is an example of a phishing email.
There are two main motivators fraudsters use to get you to enter your personal information: reward and fear. Reward is easier to spot because you are aware of what contests you did or did not enter. Fear is trickier. In this example, the fraudster creates a sense of urgency by saying you must enter your information “immediately” or your account will be suspended. Because these emails can be alarming, it can be difficult to think critically, making you more susceptible to a phishing attempt. Always keep in mind that most reputable companies will never contact you to ask for your password or personal information. Most already have that information on file.
Other warning signs to look for are the sender of the email and any links. In this example, the fraudster is pretending to be MSUFCU, but the email provided is from “rnsufcu.com.” At first glance, it looks legitimate, but the “phishers” used the letters “r” and “n” instead of the letter “m” and “.com” instead of “.org.” You can also use your mouse to hover over any links in the email to see the URL. If the URL does not match what it should be, do not click on it. Finally, be sure to read the text of the email carefully. Many phishing emails, like this example, will include spelling or grammatical errors. A legitimate business usually has a thorough proofreading process, so mistakes should be minimal.
Malware is software that is intended to damage your computer in order to extract information. Computer viruses are a common type of malware. Malware could end up on your computer in a variety of ways, but always involves the download of the malicious software. One common way this occurs is through email attachments. Similar to phishing, the fraudster will send you an email that contains a reward or fear motivator in an attempt to make you more inclined to open the attachment. The attached document actually downloads malicious software to the computer when opened.
Another malware scam involves the fraudster reaching out to you over the phone. In a common scam, the fraudster calls claiming to be tech support from a computer company. They will then ask to remotely access your computer to fix a problem. Once the fraudster has access to the computer, they can to steal information and install malicious software. If you suspect you have malware on your computer, change all of your passwords using a different computer and take the infected device to a computer store. It is also recommended you reach out to your financial institution to change any account or card numbers that may have been compromised.
Protecting yourself online
The best way to protect yourself from online fraud is to be proactive. Create passwords that are easy to remember but hard to guess. Instead of using just a word, write a full sentence. The longer a password is, the harder it is to hack. It is also recommended that you include a mix of capital and lowercase letters, special characters and numbers. Another way to keep your passwords safe is to use different passwords for different accounts and update them every three to six months.
When making online purchases, be sure to only use sites you trust and look at the URL to ensure it is an “https” site rather than an “http” site. The “s” stands for secure, which is a good indicator the site is legitimate. Most importantly, make sure you think critically anytime you receive an email about your personal information. Remember, no company should ever ask for your password, account number, PIN, card numbers or Social Security number through email.