Internet Scams and Phishing: Don’t Take the Bait
By Eric Andring, Information Security Officer, Bell State Bank & Trust
Over recent years, security awareness has become more important to all of us. Whether you are checking emails, surfing the Web, or downloading that cool new app on your smartphone, security has become an essential piece of our lives. You play an integral part in maintaining your security defenses by properly managing the websites you visit and by managing which emails you choose to open or delete.
When Internet fraudsters impersonate a business to trick you into giving out your personal information, they are “phishing” for your information so they can use it to commit fraud. A phishing email typically looks as if it were from a legitimate organization, but contains fake phone numbers or a link to a fake website that looks like the real one. Phishing attempts can be conducted through email or over the phone. Unfortunately, protecting yourself from these types of attacks has become part of everyday personal security practices for almost everyone that uses technology.
Examples of typical phishing messages you might see when you open an email or text message:
- We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click here to confirm your identity.
- Thank you for your payment of $104.77. You should receive your paid items within seven to ten business days. If you have any questions, please follow the link below.
- During our account verification process, there was an error and we could not confirm all of your information. Please click here to verify your information.
- Our records show that your account was overcharged. To receive your refund, you must call the number below within 7 days.
Many scams or phishing messages only provide a link to click on, and do not provide a phone number. This makes the recipients feel like they do not have a choice other than to click on the link. If you receive a message like this and are unsure if the message is legitimate, either delete the message or contact the sender using a publicly known phone number you know to be genuine. The reason you should only use a publicly known phone number is because the phone number included in the email or on a fake website may be the fraudster’s phone number.
Additional security tips to help protect you from phishing attacks:
- In most cases, the best approach to dealing with suspicious messages is to simply delete them.
- Never reply to unsolicited emails or pop-up websites asking for sensitive personal information.
- Do not open attachments or click on Web links within emails or text messages unless you are sure the message is from someone you know and trust. Doing these things with unsolicited messages is often the “key” method attackers use to gain control of your computer or infect it with a virus or other malware.
- Make sure your antivirus program and operating systems are up-to-date.
To learn more about phishing and how to protect yourself, please visit this phishing article published by the Federal Trade Commission, or you can visit the Stop-Think-Connect website led by the Department of Homeland Security.
Leave a Reply
Realize your comments are visible to the world, so avoid sharing your personal account information. Comments that are abusive, unlawful, off-topic, use vulgar or offensive language, include spam, or attacks of any kind will be removed.