Phishing email scams are getting sneaker and harder to recognize.
Phishing is a fraudulent attempt to obtain sensitive information (such as usernames, passwords, or credit card details) by posing as a trustworthy entity or person in electronic communication. The fraudsters’ aim is to lure their victims into clicking malicious URLs or email attachments to get personal data.
“Business email compromise (BEC) scams are more successful than ever, with losses reaching $2.7 billion in 2018,” according a recent Inc. article, “Phishing Emails Have Become Very Stealthy. Here Are 5 Ways to Spot Them Every Time.”
Some common phishing scams:
- Spear or CEO phishing: Fraudsters send a custom email that can include the name, position, company, phone number and other personal information of someone the recipient knows, so that he or she believes it’s legitimate.
- Invoice phishing: The fraudulent email states that an online item you purchased cannot be processed because of an expired credit card number, incorrect billing address, or something related; a link encourages you to click to “update” your credit card and contact information.
- Computer virus phishing: This email states that your computer or account has been infected or breached, and encourages you to download an attachment to fix it.
- Bank phishing: This email notification, which looks like it’s from your bank, tricks you into thinking there is a problem with your bank account, and again encourages you to click a link and enter your bank-account number.
How to spot phishing scams:
Best tip! If you suspect you’ve received a phishing scam, pick up the phone and call the person or organization directly for confirmation.
Also beware if:
- The email includes links or URLs when clicked on direct you to the wrong website or a third-party site that doesn’t match the email sender.
- You get an email from a company requesting sensitive information that wouldn’t customarily be requested by email, like Social Insurance Number, bank account number, or credit card information.
- You get an unexpected email from a person or business you have rarely, or never, dealt with.
- The email has obvious errors, like spelling mistakes, bad grammar, or incorrect information, or looks to be improperly formatted or amateurish.
- The email sender’s address although similar or close to the real email address is incorrect.