The Signs to Look for When Looking at a Possible Phishing Attack

One of the common ways that hackers can trick their victims is through a phishing attack. They can do this by writing and sending an email that looks like it comes from a real source. This email might ask you for things like your username or password for a certain account, or it might have an attachment or link, which downloads malicious software to your network or computer. Some of these attacks even look like they are coming from a client, an employee, or your boss.

phishingHere are some signs that you might be the potential victim of a phishing attack.

You are Asked for Personal Info

 One of the signs that an email is a phishing email is if you are asked for personal info. Most of these emails look extremely real, and they seem like they are being sent from a trusted source, like your bank, a local hospital, or a site like PayPal. But they are scams. Think of it this way; your bank won’t ask for your bank account information. It already knows your account info, so if something seems weird, it’s probably a scam.

You are Asked for Money

 If you get an email asking for money, even if it looks legit, it is probably a scam. For instance, if a client emails you and asks for a wire transfer, call them up and ask if it’s real. What makes this such a good scam is that in most cases, the scammer has logged into the person’s account because they steal the credentials. So, you may actually be getting an email from the account of your company’s CEO…but it’s not the CEO who is writing the email.

You Sense Urgency

 If you get an email that has a sense of urgency, like an urgent transfer, it is probably a scam. As soon as you see that something is “urgent,” bells and whistles should go off in your head. Hackers like to cause panic because they know people are more likely to rush to do as asked. Let’s look at this example: you might get an email from your back saying that your bank account has been compromised, and it’s urgent that you go to a certain site, enter your account details, and confirm your account number. Well, guess what? If you do this, the scammer now has access to your bank account information.

The Website or Email Address Look Weird

 You might also get an email that has a weird looking address or website. In general, hackers try to put the name of a company you might recognize in the email address. But that doesn’t mean it’s real. For example, you might bank with Chase Bank. You get an email from @chasebank1.com but guess what? That’s not really Chase. All Chase emails will simply be from @chase.com.

Think About Your Relationship with the Company

 You also should think about the relationship you have with the company you are getting an email from. For example, any email you get from your bank or your health insurance company should come from the company’s system, not from a weird looking email address. Also, if you don’t even have an account with a company you are getting emails from, it’s certainly a scam.

You Get an Email from Yourself

Look at the email closely. Is it coming from…you? Technically, of course, it isn’t, but scammers do this trick a lot.

There are Many Emails in the “To:” Area of the Email

You also want to look at who the email is going to. If there are a lot of email addresses in the “To:” section, it is likely a scam.

Keep an Eye Out for Links

One of the ways that people fall for scams is because they click on the links that are found in emails. Some of these links will download malicious software to your computer and others might take you to a page where someone will try to trick you into giving personal information. Before clicking on a link, hover over it and take a look. If the address is weird, don’t click it.

Spelling or Grammar Errors

Most of these emails that are trying to scam you come from overseas, so it’s very common to see spelling or grammar errors in the email. If you see this, it’s very likely a scam.

Look for Attachments

Finally, if the email has an odd-looking attachment like a Zip file, a PDF, or Word doc, don’t ever open it. It is very likely that there is malware, or a virus, attached. If you believe the attachment could be real, scan it with your antivirus software to be safe.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Phishing Scam: Using the U.S. General Commander in Iraq as Phish Food

Fishing of course is the sport of tossing a tasty wormy baited hook connected to a fishing line and patiently waiting for a fish to take the bait.

Phishing is the sport of tossing a wormy baited tasty lie connected to a wormy human and the degenerate patiently waits for a naïve victim to take the bait.

A phisher can send thousands of phish emails a day and eventually someone will get hooked.

Phishing is a $9 billion business. Unlike the ongoing depleting of the oceans fisheries, there are PLENTY of people out there to phish. Many of them today are from developing nations like India and China who are just getting a broadband connection to the internet and are considered fresh meat to the bad guy.

The New York Times reports “if you get an Internet appeal from Gen. Ray Odierno, the senior American commander in Iraq, asking you to pay lots of money to get your son or daughter out of combat duty, don’t believe it. And certainly don’t send the $200,000. General Odierno acknowledged that he is but one more victim of a social networking scheme offering a big — but fake — benefit, if you send big amounts of real money.

“I’ve had several scam artists on Facebook use my Facebook page and then go out asking people for all kinds of money: ‘If you pay $200,000, your son can get sent home early,’” General Odierno said at a Pentagon news conference.

Criminals may seek out military families and target them one by one or send a blast to thousands at a time and use a ruse that pulls at the heart strings of unsuspecting families who simply want their loved-one back home.

The General posted a large warning on his social networking site. “I have this big thing on my Facebook that says, If anybody asks you for money in my name, don’t believe it,” he said. “But it’s a problem.”

Frankly, I don’t like the idea of an American General having a Facebook page. It weird’s me out. Hopefully the high commander isn’t uploading pictures of himself doing shots of tequila while driving a tank.

My guess is there is someone out there who has the money and is probably acutely unaware of this type of scam, then is probably capable of getting hooked.  But more than likely nobody will cough up $200,000. But the scammers know to start high and they will go low. They will take a $1000.00 when it comes down to it. But they also know that people won’t argue with a General and nobody will “discount” the value of their loved-ones life. So overall it’s a pretty good scam. Just don’t take the bait.

Robert Siciliano personal security expert to ADT Home Security Source discussing Facebook scams on CNN. Disclosures.