Gone Phishing - Five Tips to Practice Safe Computing!
I get calls and emails from clients, friends and associates asking if a particular email is real or if it is SPAM, SCAM, or worse, a phishing or email containing a virus! Unfortunately, there are people out there that are taking advantage of technology and YOUR good-nature to trick you, or even hurt you! Sad but true!
And it’s getting worse! Recently you may have heard about the banks being attacked, then before that was millions of user email and passwords were stolen from a major site. It used to be unless you visited questionable sites or had very easy to decipher username and password, you were (somewhat) safe. Not anymore! I have also noticed an uptick in the variety of sites that are being made to look real but in fact are phishing emails, scams, spams or worse!
So, let’s first define phishing, spam and scam emails or worse a virus!
SPAM – This is the least offensive or dangerous, it is just mostly annoying! The CAN-SPAM Act 2011 prohibits commercial businesses from sending email to people that have not specifically requested to receive email. There are many rules and even some exceptions, but you should read the act and be aware that businesses caught violating this act can be fined up to $16,000 per incident!
Phishing or SCAM Email – This type of email is trying to deceive you into thinking you are responding to a legitimate email such as from one of your shopping sites or subscription sites and then when you click on a link, it redirects you to a different shopping site, or worse, steals your data and user information.
VIRUS – A computer virus is a string of programming code that is designed to do “something” to your computer and/or your data. It can be anything from a harmless joke, a graphic message that appears on your computer screen to a more dangerous type of virus that can destroy your computer data, operating system, and/or steal your personal data and friends email addresses, or more…
We want to try and avoid all of these, but the phishing, Scam, and virus are obviously the worst of the bunch and can be very dangerous to your computer, costly and even impossible to regain lost data!
So how do we protect ourselves against these attacks? Here are five things you can do to help protect yourself:
- NEVER click on a link or open an attachment to an email if you are not 100% certain of whom the sender is. Even if it appears to be legitimate (as you will see below), it is safer to copy/paste the link into a browser window than to click on the link directly. Better yet, just go to the company website to login to your account and see if there are any direct messages to you there. If not, you are probably the recipient of a scam or phishing email.
- ALWAYS log off of any website that requires you to login with username and password. Don’t just close the window, instead use the Logout or Log Off menu option.
- Craigslist is especially vulnerable and you should take extra care when using this site. You WILL receive scam and phishing emails when you create a posting. So, NEVER click on a link from Craigslist UNLESS you JUST posted an ad and you KNOW that you are supposed to receive an email to confirm the posting. Then and only then, it is okay as long as it has the name of your posting and you verify the legitimacy of the email as shown below.
- Never, ever, ever provide or re-type your username and password for verification from an email request to do so. If this is a legitimate site, you should be able to go directly to the site to verify your username and password.
- CHANGE your username and password every month or couple of months and never use easily recognized or deciphered usernames or passwords such as your name, your pets name, your birthday, etc. You should MIX letters, numbers, uppercase and lower-case and then write it down in a safe place.
So, how do we identify an email as being PHONY! It doesn’t matter what type, you want to avoid any email that is not REAL and is being deceptive. Here are a few examples of some emails that LOOK REAL, but are indeed PHISHING emails!
Linkedin Email - REAL or FAKE?
FAKE! Here is how to tell, hover your mouse over the "Click Here" in the email (only in the actual email, this is a picture) to see the REAL website it will take you to...
How About this Facebook Email - REAL or FAKE?
FAKE! Same thing, see the REAL (phishing) website below:
One more... Is this a REAL Craigslist Account Verification email?
NOPE!!! It's a FAKE! Here is where the phishing email revealed!
Okay, just one more... Is this Craigslist Email REAL or FAKE?
THAT'S RIGHT - IT'S REAL!!! You can see by hovering over the link that it is indeed going to Craigslist AND I had just posted an ad on Craigslist, not several hours ago or yesterday, minutes ago.
At VirtualTourCafe we want you to be safe! So don't be fooled by real looking logos, formats, even email return addresses. I have received similar emails from Wells Fargo and others that LOOK REAL but were FAKE! Have fun online but be careful and practice safe computing...
I hope this helps, Happy Holidays!