Phishing is a form of online scam that attempts to collect personal and financial information from intended targets. It accomplishes this through subtle persuasion by stressing upon the target the urgency of a particular problem or situation that requires immediate action from the target. The situation presented is usually security related which counts on our fear of having our online security compromised. The problem that is presented is always bogus in a phishing scam but since some people are not aware that such scams exist, some do take the bait every now and then.
Let us look at an example of how a scam is executed. You’ll receive an e-mail message from a seemingly known and reputable company such as a bank, an online site or some other financial institution. It will look like it is legitimate in every aspect. The message will present a situation that is affecting the company and its clients. The situation may be about a security breach, computer system failure, computer system upgrade, account update etc. In most cases, it will ask you to click on a link to open a web page where the target will be required to enter personal, financial or account-related information to save the account or remedy the problem. This is a typical scenario in a phishing scam.
Scammers often use e-mail to lure unsuspecting targets to the scam. They use e-mail because they can easily set-up an e-mail message to look like it came from a reputable source. Company logos and other useful materials are easily obtainable online. A simple right-click on a company logo is all that is needed to copy it. Scammers go through all this trouble because the whole point of it all is to make it look like a legitimate company is contacting the target. Real e-mail addresses are easy to collect but that is done through other means which are not covered by this article.
Hit or Miss
Phishing scams are always sent to multiple recipients because it’s really a game of chance. The scammer counts on the probability that the message will eventually end up in the inbox of a target who is actually a client or a member of the company that was used for the scam. If it reaches someone who is actually a member and that person takes the bait, then the scam is a success. Scammers know that there is no such thing as a 100% success rate with what they do. The few people who do respond are all that matters to them.
Scammers trick you into giving up information because they need it to conduct illegal activities online and even offline. For example, if they somehow trick a target into giving up information about his/her credit card details, they can use it to make purchases of items that can be bought using a credit card. In another scenario, what do you think the scammers are going to do if they get hold of your PayPal account? Scary isn’t it?
How to detect a scam
Now that you know what a phishing attempt may be like, how can you detect a possible phishing attempt? The next time you receive an e-mail message that is asking you to click on a provided link and supply sensitive information, be very suspicious.
Remember the following:
- Always keep in mind that legitimate companies such as banks, financial institutions and online sites such as PayPal would never contact you through e-mail to ask you for sensitive information. Remember this.
- Look at the “To:” portion of the e-mail message and see if it contains your e-mail address. If it doesn’t, it’s probably a phishing attempt sent to multiple recipients. If it does, it doesn’t necessarily mean that it’s legitimate.
- If you’re in doubt whether a message is a scam or not and you are tempted to go to the site requested, do it by typing the known URL of the company concerned manually instead of using the link provided in the message.
- When in doubt, research first.
What Should You Do?
When you confirm that a message is bogus, delete it immediately.
The best way to avoid becoming a victim of phishing scams is by being properly informed. If people know about it, then it becomes more difficult for the scammer to find a victim. Information is the key. Those who are properly informed are better protected from online scams.