Internet scams have been around since, well, the internet. Some are blatantly obvious—we all know not to buy anything a self-professed Nigerian prince is selling—while others are so subtle they can fool a seasoned internet skeptic.
The most common kind of email scam is “phishing”, the term coming from the idea that scammers are “phishing” for information they can use to believably assume your digital identity and through that, your financial information. This term goes all the way back to 1996 when scammers hacked into America Online accounts after they conned passwords out of trusting AOL users. In fact, phishing is like the grandfather of security threats—viruses, trojans, and ransomware can all stem from the phishing scam.
Phishing scams can be amateur or incredibly sophisticated, and have born their own set of rules that are as ingrained in some people as our parents’ warnings to never take candy from strangers. These rules include never give out your password and never click a link in an email from a user you don’t know. The trouble is, some scammers can so perfectly duplicate legitimate online platforms it can be easy to believe the email you just received actually did come from PayPal and your account actually does need immediate attention.
So what are the hallmarks of email scams?
- 1. Did the email go to the right email address? Most of us have not one email, but several. If a PayPal email went to an email address not linked to your PayPal account, it’s likely a scam.
2. Bad grammar and spelling are key giveaways that you’re dealing with a scammer rather than a legitimate company.
3. The email leaves out your name. In an age where everything is personalized, your name should be attached emails you receive from legitimate vendors.
4. You didn’t actually sign up or do business with the website in question. Now, this might lend some people to believe that someone has stolen their information and used it on this website, generating a false report. The trouble is when you click a link in the email, it won’t take you to the true destination (Amazon, PayPal, eBay, your bank, etc.), rather a dummy website that exists specifically to capture your information or spread viruses and malaware to your computer.
Not all phishing scams will be so blatantly sloppy that it’s immediately clear they’re scams, and it can be easy to overlook bad spelling and grammar or not notice your name is missing if you’re in a panic over the security of your account. So here are some ways to avoid being phished.
1. Suspect everything. Even you receive an email that looks legitimate from a company you regularly do business with, tread carefully. Instead of clicking the link provided in the email, pull up another browser tab and type in the web address. This will bypass any potential duplicates and take you directly to the company itself. There, you can login and check your account as you would normally, and change your password if you’re concerned about security.
2. Use free virus protection software and browser add-ons like McAfee SiteAdvisor to be alerted when you might be visiting a site suspected of malicious activity.
3. Use commonsense. It’s pretty much impossible to win contests you didn’t enter or receive security alerts from accounts you don’t have.
4. Trust IT partners like PCnet to provide virus and spam filtering for email.
Have a question about online security? Contact your friends at PCnet. We’ll work with you to create a plan that makes sense for your business so you and your employees can use the ‘net safely.