Cybercriminals use a variety of techniques to steal your identity, pilfer your bank account, and appropriate your personal information. One of these techniques, called “phishing,” has been employed for decades and is still going strong. In fact, according to a report by the Anti-Phishing Working Group, more phishing attacks were reported in the first quarter of 2016 than in any other three-month span since the organization began tracking data in 2004.
Generally speaking, phishing (like its namesake “fishing”) is an attempt to bait you into divulging personal information. Crooks trawl the Internet, angling for bits of data that can be used to provide unauthorized access to passwords, usernames, credit card numbers, and contact lists. The goal is to steal your money and perhaps your identity.
Often a phishing attempt starts with an email that appears to come from a well-known source: your bank, your Internet service provider, a social networking site, or a government agency. The email often warns of dire consequences if you don’t respond. You’re advised that you can update your account by simply clicking on a link. From the email you’re directed to a website that looks legitimate and contains an online form. By inputting usernames, passwords, bank account numbers, and other personal data into the form, you provide the crooks access to your identity and financial resources.
But that’s not all. With information from your contact list, criminals can launch a secondary attack. Your friends may start receiving emails, allegedly from you. Because the phishing emails seem to come from someone they know, your contacts may be fooled into divulging their confidential information.
Never reply to emails or pop-up messages that solicit personal information. Legitimate companies and government agencies won’t request your PIN or account information in an email. Delete such messages. If you’re concerned about the source of the email, call the business or agency directly.
Many organizations allow you to incorporate additional layers of online protection, such as security questions or mobile security applications, in addition to your password. Taking advantage of these measures will provide an extra layer of protection.
Phishing attempts frequently contain misspellings, grammatical mistakes, generic greetings, and unfamiliar email addresses. Look for these if you receive an email that seems suspicious.
Finally, don’t forget to review your bank account and credit card statements regularly for any inappropriate charges or transactions.
When we receive emails, we tend to respond quickly without thinking. Now that you know what to look for, you can protect your information, and potentially the information of your contacts.
Our payroll affiliate, Abacus Payroll, Inc. has some additional phishing prevention tips specific to HR and payroll professionals: Keep Reading →
How to spot scams & cons
If it sounds too good…
According to the FBI, there are over 14,000 scam artists at work on any given day. Perhaps the information presented here will help you avoid becoming a victim. If you have questions, please call us. Remember, if it sounds too good to be true, it may well be a scam.
© MC 2017 | “Fraud Alert” is published monthly to provide useful information about scams and cons. Return to this site every month for helpful suggestions on how to avoid fraud. The information contained in this site is of a general nature and should not be acted upon in your specific situation without further details and/or professional assistance.
Empowering business owners and individuals in South Jersey and Philadelphia to feel confident through proactive accounting and advisory solutions.