By Terry Koehl
The sign is up on the door of your local or not so local online menace, “Out Phishing.” No, I didn’t misspell fishing. I am talking about an online attack that is crafty and subtle, with bait thrown to you via e-mail, social media, websites, the list continues to grow.
The phone has even become a tool for phishing. The hope is you will bite and provide the nefarious person a large trophy in the form of your bank account, credit card number, website log-in information, etc.
Phishing is the attempt to gain information such as that mentioned by someone pretending to be an entity you may trust, such as your bank, popular websites, or online auction sites.
One of the more common methods is an email crafted to make you believe it comes from one of these trusted sources. Often the email will tell you that for one reason or another, you need to go to their website by clicking the provided link.
The link will then take you to a website that looks similar if not identical to that of the trusted entity where you enter your information. At this point you’ve just been hooked, landed, and provided a nice trophy in the form of your bank log-in or other critical information.
We recently received two of these emails in our household. One purported to be from our bank stating that they had detected too many log-in attempts and had locked our account. The other supposedly came from Amazon.com for the same reason.
The biggest tipoff these were phishing emails? They were sent to email addresses that neither company had ever been provided. Upon further inspection of the links, it became apparent that they did not lead to our bank’s or Amazon’s websites.
These were easy phishing attempts to spot, but what about those that are crafted a little better? Here are some tips to help protect you from taking the bait.
1) Be very cautious about emails asking for you to provide confidential information either in a reply or through a link to a website. Legitimate organizations such as banks will not ask for this information in an email.
2) How specific is that email? Phishing attacks will be generic and will not reference anything personal, while companies may often reference an account you have with them.
3) Never use links or forms embedded in an email. Open a browser window and type the company’s address into the browser yourself.
4) Don’t be pressured into providing the information. Scare tactics are one of the most common methods used.
5) Contact the company by phone using a known number for that company. Companies are combating phishing attempts, too, and will gladly assist you.
6) Stop. Consider what you’re reading and put the previous steps into action.
Crooks make up these scams looking for easy targets. Simple steps like slowing down, thinking it through, and erring on the side of caution will greatly increase your online security.
Terry Koehl, a Ramona resident, owns AccuTech Support, a computer and repair business. Have a question you’d like answered in TechPoint? Contact him at 760-239-9001 or firstname.lastname@example.org.