No doubt, by now you have heard of phishing, the fraudulent practice of using emails, DMs or texts that end up taking you to a copycat websites pretending to be from a reputable company in order to get you to reveal personal information, such as account numbers, Social Security numbers, login IDs, passwords and credit card numbers. This information is valuable to criminals who use it to steal your money or your identity or both, as well as, to get access to your computer to launch a ransomware attack that can lock you out of your computer.
Listen, it’s easy to make mistakes! The scammers have gotten very, very good at imitating the familiar logos and login pages of legitimate companies. The criminals will make it seem like they need your information quickly—your account will be frozen, you won’t get a tax refund, your account will go into overdrawn status or a family member will be hurt or you could be arrested. Basically, they tell lies that panic you to get to you act quickly, without thinking, and give them information that they want.
This recently happened to me. An email from Amazon showed an order that looked unfamiliar. It was a really large purchase and I was naturally concerned. Without thinking, I clicked on the order number and within moments, a poker gaming software was loaded on my computer. Clearly, this was not really an email from Amazon. Later, when I lingered my mouse over the sender email address, I was able to see that the sender address was not valid. I should have done this BEFORE I clicked on the link. This time, I was able to quickly remove the invading software and do several security scans to ensure nothing was left behind. But it was a good reminder that’s it’s very, very easy to be tricked—especially when distracted by the demands of life off the screen!
That’s what the criminals are counting on, that you will be easily confused and will act on emotion—especially when inquiries are related to the well-being of bank accounts and billing accounts. But scams are not just limited to adult concerns. Our youngest digital citizens, our children who spend a lot of time online are being marketed to by scammers who focus on their areas of interests, like gaming. Common scams ask young people to fill out a survey to gain gaming benefits or enter into an exchange of gaming loot. It’s all fake but by clicking on links and providing personal information, young people are at risk too. Their gaming accounts can be stolen, along with the parent’s credit cards associated with that account.
So while you—or your kids—may err and sometimes click on a link that you should not have—you need to be especially careful not to enter ANY personal information in response to an inquiry, unless you have firmly validated the authenticity of the sender.
According to the Federal Trade Commission, the rules to stay safe are the same for all ages:
- Be cautious about opening attachments or clicking on links in emails. Even your friend or family members’ accounts could be hacked. Files and links can contain malware that can weaken your computer’s security.
- Do your own typing. If a company or organization you know sends you a link or phone number, don’t click. Use your favorite search engine to look up the website or phone number yourself. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination.
- Make the call if you’re not sure. Do not respond to any emails that request personal or financial information. Phishers use pressure tactics and prey on fear. If you think a company, friend or family member really does need personal information from you, pick up the phone and call them yourself using the number on their website or in your address book, not the one in the email.
- Turn on two-factor authentication. For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in to your account. The second piece could be a code sent to your phone, or a random number generated by an app or a token. This protects your account even if your password is compromised.
- As an extra precaution, you may want to choose more than one type of second authentication (e.g. a PIN) in case your primary method (such as a phone) is unavailable.
- Back up your files to an external hard drive or cloud storage. Back up your files regularly to protect yourself against viruses or a ransomware attack.
- Keep your security up to date. Use security software you trust, and make sure you set it to update automatically.
Read more here: https://www.edts.com/edts-blog/15-examples-of-phishing-emails-from-2016-2017 and see examples of phishing scams that imitate companies that look very familiar to you, like Netflix, UPS, Wells Fargo, Bank of America, PayPal, Amazon and the IRS.
Talk to your children about phishing and scams. Remind them of the old adage, if it sounds too good to be true, it is!
Savvy Cyber Kids educates and empowers digital citizens, from parents and grandparents, to teachers and students. Sign up for our free resources to help you navigate today’s digital world with cyber ethics. See more cyber safety and cyber ethics blogs produced exclusively for EarthLink. Looking for a social media parental control? Try a 30-day free trial of Bark. If you sign up after your trial, Bark donates 25% of your monthly fee to Savvy Cyber Kids.
Thank you to the Savvy Cyber Kid’s sponsors!
Interested in becoming a Savvy Cyber Kids sponsor? Email Ben Halpert.