Phishing email scams have been around for quite a while, and unfortunately, they continue to grow. The cybercriminal who is sending out these emails uses all types of tactics to get you to respond, including fear, alarming news and even family information to get you to take the “bait” – but it’s all done just to steal your personal information, your financial information and ultimately your money.
Most phishing emails include an embedded link that will take you to a website that looks like the real deal, but it’s nothing more than a “spoofed website”. It looks authentic, and often includes an actual logo of a company or organization. But it’s fake, and if you click on that link, malware is often downloaded into your computer or device, and that’s when the trouble starts.
Why do Crooks use Phishing emails?
What is phishing email and why are they so prevalent? Just like the name implies, a phishing email is the “bait” at the end of an Internet fishing line, and the victim is the fish who will ultimately click on the bait. Cybercrooks continue to use phishing emails because people fall for them. One Data Breach study report by Verizon showed that there’s a 3,4% click rate. It sounds low, but let’s say a bad actor sends out 10,000 phishing emails. With a 3.4% click rate, that’s 340+ people who are clicking on the bait, and putting their identity and safety at risk.
The bottom line – phishing emails are simply an attempt at identity theft. According to the FBI’s Internet Complaint Center, consumers lost $57 million to phishing scams in just one year. And the problem continues to spiral out of control. The good news is that most browsers are getting good at spotting phishing emails and dumping them into the spam folder. But despite the advances in technology, many end up in a person’s inbox just waiting for them to click on a link.
What to Look For
Cybercrooks continue to use the same scams over and over, mostly because they continue to work. But because of the repetitive nature of the phishing emails, people are getting savvy to what they’re doing.
Most start with “there’s a problem with your account” – and continue with the information that your account is “on hold” or “frozen” until you provide some key information. Like your password, user name or account number. The email looks like it came from a bank, credit card company, TV service provider like Netflix or many other companies.
Usually, they’re full of typos, or they have grammatical errors in them because they were written in a different country. The cybercrook cuts and pastes a legitimate logo, and it becomes a credible-looking email to the average consumer. Look for those misspellings and grammatical errors, and if you spot any – just send it to your spam folder. You should also report receiving it, because it will help to identify the sender and help prevent others from falling for the scam. You can also report it to the Federal Trade Commission (FTC). If it is an IRS scam, report it to the Internal Revenue Service phishing report website.
If you’ve had this misfortune of falling for a phishing email scam, and you’ve given out your password or other identifying info, immediately change the passwords on your computer or device. If the hacker stole money through a bank or credit card fraud, report it to the Treasury Inspector General Administration.
Preventing Phishing Emails
Considering the potential financial damage that can be done due to phishing emails, the best course of action is to prevent the problem in the first place. If you are receiving phishing emails, it’s highly likely you’re already on some cybercrook’s list. So, how did you get there?
Many cybercriminals scour people-search sites, which contain all types of sensitive and personal information about you. People-search sites sell this information, and it’s all perfectly legal. The key is to remove your unauthorized information from those sites. However, there are over 100 people-search sites like Intelius, US Search and Whitepages, and every one of those 100+ sites have their own rules on how to remove information and opt-out.
You also may want to consider switching to a strong email provider. Gmail is one that has sophisticated filters that help to spot phishing emails and dump them in your spam folder. Yahoo also has good spam blocking capabilities, and Zoho Mail is widely used by home businesses. If you continue to receive phishing emails, it may be time to switch to a different provider.
Another smart proactive approach is to continuously update your computer’s operating system whenever a new one is available. The constant system updates contain all types of security features that work to keep your computer safe from hackers. Here’s something else: it helps to monitor the latest email phishing scams. By learning about them in advance you can avoid being duped into opening one – especially those that contain links. Simply google “latest email phishing scams” to learn what cybercriminals are trying to put over on consumers.
By following these steps and avoiding clicking on links within emails you don’t recognize you’ll be helping to protect yourself from phishing emails.