Phishing scams are among the more subtle of cyber threats — and often the most destructive. Consider these tips for protecting your information in the digital age.

Casting a Wide Net

So what exactly are phishing scams? The fraudsters of the digital age, phishing refers to online scammers who operate by impersonating reputable agents, such as financial institutions, cable providers, and any other entity that may request personal information. Most often, phishing scams occur in the form of emails requesting information such as social security numbers, routing numbers, and bank account data.

Other common phishing scams include emails with links to fraudulent websites that mirror legitimate entities. Malware may be contained in attachments or consumers may be instructed to respond to an email within a given amount of time, thereby allowing the scammer to obtain private data. Phishing scams utilize the same marketing and data acquisition techniques as social media outlets, often pulling thousands of user trends from sites such as LinkedIn, Facebook, and Twitter. Simply put, phishing scams are the impostors of the internet.

Reeling ‘Em In

Fishing scams come in two main varieties — spear phishing and whale phishing. Spear attacks target individuals, while whaling targets high level executives on a larger scale.

Pharming is another often used technique wherein users are redirected to a scam website or a cloned variant of a reputable site.

Voice phishing via communication media such as GoToMeeting and Skype is another form of digital deception that is on the rise. This type of phishing takes the form of phone calls from the IRS and other entities using prerecorded voice over technology.

Mobile devices may fall victim to similar scams in the form of SMS phishing. Like email scammers, SMS fraudsters use text messages to impersonate legitimate agents.

Shark Proof Your System

The prospect of having your personal information stolen can be daunting. Fortunately, there are ways to protect yourself from phishing scams that won’t turn your data into chum.

Stay informed on phishing scams and know what to look for. Double check URLs and domain names. Often, a scammer will use a false domain name that vaguely matches the email of a reputable entity. If a site looks suspicious, exit. Bookmark links to login pages for banks, credit cards, and other institutions so that you enter via the same secured link every time. Do not open attachments or links from unknown senders and always have a reliable firewall in place.

Install a secured VoIP system for business communications and know which institutions will — and will not — request information via phone. For example, the IRS will never contact you via phone or email.

Pay attention to the language being used. It is unlikely that a legitimate financial institution will ever request login credentials or personal information via email. Lastly, follow the cardinal rule of internet safety — do not ever disclosure your social security number in an unsecured form such as an email or website.

To stay up to date on cyber security, check out our YouTube channel or contact us to learn more!

Phishing is a popular scam in today’s digital world. Pronounced as “fishing,” this form of fraud is when a criminal targets their victim by email, telephone, or text message. These messages often contain malicious links, attachments, or other forms that require an unsuspecting victim to enter their personal details which are then stolen by the attacker.

How Can I Spot Phishing?

The good news is that phishing can be prevented. Here are a few ways to tell if you’re being scammed and how you can avoid it.

Poor Grammar

Many phishing messages, including emails and text messages, are poorly written. If the grammar or structure of the message seems off, it’s probably fraudulent.

Unknown Sender

If the message is coming from an unknown address or number, chances are it’s not legitimate. If you’re unsure if an email address is safe to reply to, look up contact information of the original company. If the domain name (last part of the email address) does not match, it’s fake.

Unknown Links and Attachments

If a message contains a suspicious hyperlink, don’t click it and assume it is malicious. Hovering over hyperlinked text can reveal the real destination of the link without opening the link and exposing your computer. Do not click on shortened links such as Bitly because these can be used to disguise longer malicious links.

Logos and Images

If the scammer is trying to imitate an existing company or service, look for official logos and high-resolution images. If the logos are cut off or pixelated, the message is fake.

Be careful not to rely on official logo usage when determining phishing. Advanced scammers can use high-quality logos without permission of the original company.

How Can I Avoid Getting Scammed?

Phishing is preventable if you know the signs. Approach unfamiliar or suspicious messages with caution and don’t be afraid to ask a third party if you think you might be facing a scam. Never give personal information through the phone or web unless you are the one who initiated the situation and are sure you will be safe.

If you suspect you are the target of a phishing scam, do not click any links and delete the email. If you received the message through a company, school, or other corporate email, alert your company about the message so they can warn others about the dangers of phishing.

WheelHouse IT provides technological services and security measures to help prevent you from phishing scams. Contact us if your business is interested in working with a technological adviser.