How to Spot a Phishing Scheme

How to Spot a Phishing Scheme

This is probably not the most exciting article in this month’s edition of the Corvid Crier.  Yet, I do think it’s important for everyone to read and practice these tips and tricks.

The information age has made modern life easier and more convenient.  Our phones are essentially mobile computers where we can answer emails, bank, surf the internet, and play games.  Voice activation can help us control lights in our homes without leaving our couches.  And of course, AI (artificial intelligence) is all the rage in the news.

With this comes the ugly side of society.  Would-be criminals and hackers are becoming more sophisticated in how they try to steal your money and information.  They use every tactic from phishing to social engineering to figure out who you are and what you have.  At first glance the emails you receive may seem legitimate or that fun questionnaire you fill out on social media seems like fun but take a step back and look for certain clues on whether clicking on something or responding to something is the right thing to do.

Below, I have provided some tips that I have learned over the years.  This is not meant to be a comprehensive list nor am I an expert in cybersecurity so I would challenge you all to use this article as a starting point and learn more.

Dissect the Email

When an email comes in, it is worth taking a few minutes to do some basic checks.

  1. Look at the email address that sent the email.  Just because someone says that their name is “Jeremy Lucas” or that they can be reached at president@eastsideaudubon.org in the body of the email message doesn’t mean that is the case.  At the top of every email, you will see the email address that the message was sent from.  Does that make sense?  Does it match?  Does it look suspicious?

  2. Look at how the email reads.  Are there grammatical and punctuation mistakes?  Look, I know we all make grammatical mistakes from time to time, and I am certainly not the grammar police.  However, the types of mistakes we are talking about here are usually made by bots or a would-be hacker located in another country.

  3. Hyperlinks – DO NOT CLICK UNTIL YOU VERIFY.  Would-be hackers love to put in hyperlinks that look legitimate.  The problem is that they are not.  If you click on this link, it may take you to a page that looks like your bank’s page but isn’t.  Then they might ask you to put in your password which they store and can hack your account.  In many cases, these websites carry viruses that can destroy your computer.  Take your cursor and hover/hold it over the hyperlink without clicking.  What does the URL that will display look like?  Does it look like something that no company would have as their website?  Do not click it.  Delete the email.

  4. Some additional things to keep in mind.

    a.     Banks and financial institutions do not ask you to provide your password via email.  This goes for the IRS and the US Department of Revenue (a popular scam around tax season).

    b.     If you are confused by an email, find another to verify its authenticity.

    c.      Do not provide passwords and bank account information via email.

    d.     Be skeptical of all links and make sure you trust the source.

 

Additional Thoughts for Social Media

Social media has exploded with popularity worldwide.  Did you know that people can make millions off social media alone by being influencers, models, chefs, and other personalities?  How do I get to lead that life?!  😊

Ahem….

Protecting your information on social media is just as important as it is with email.  In addition to being skeptical of any links and messages, and following the information above, consider:

  1. You know those fun questionnaires that people love to fill out?  They have 20 or 40 questions and ask benign things like what your favorite color is or what was your first car.  Yeah, those.  Hackers use that information to build a script to try to guess your password.  Most people use that information in some way as part of their password.  You are making their job a little easier if you answer those questions.

  2. Be careful when accepting friend requests or connections.  People are not always who they seem.

  3. Think about what you post.  We are all proud of our next great purchase or our kids’ accomplishments or family meetups.  Just don’t share too much information.  Also consider adjusting your privacy settings so only your friends and connections can see what you post.

 

Here is a great link to check out (and yes, the link is safe!)