When internet fraudsters use fake emails or websites to convince you to give them your personal information, they’re doing something known as “phishing.” Using various online scamming techniques, online crooks try to trick unwitting internet users into giving them personal, financial or account access information.
The whole idea is to get you to believe you're working through a legitimate, official website when you supply your data. Here are a few of the most common phishing techniques to watch out for.
Deceptive Phishing Is The Most Common Technique
What's known as "deceptive phishing" is the most common type of scam used to glean your personal information. With this approach, online fraudsters impersonate a legitimate company, sending you a fake email that:
- Describes a fictional issue with your account.
- Directs you to click on a link to resolve this issue.
- Employs a sense of urgency to scare you into responding.
If you follow the link supplied in the fake email to fix the falsely-reported account problem, you're actually being directed to a fake login page that steals your data for malicious purposes. The success of this technique depends on how well the scammers can convince you that you've arrived at an official company page.
How Phishers Convince You Their Sites Are Real
In order to succeed at tricking you into giving up your valuable information, phishers must make the websites they point you to appear real. To make their sites convincing they use:
- Real company names, incorporating the "look and feel" of the legitimate sites, including copied logos.
- Actual employee names in the "from" line or email message.
- Website addresses that look correct at first glance, maybe even linking to an actual page at the official company site
To avoid falling for this scam, check over logos carefully to see if they're genuine, be suspicious of company employee names and go to the legitimate company website (don’t use the link provided; you can Google the site) to compare URLs.
Spammers Step Up Their Attacks with "Spear Phishing"
As phishing scammers get more advanced in their attacks, they often employ what are known as "spear phishing" techniques. Research through social media and other sources helps these scammers convince you that you're being contacted by actual people you know.
Some of the creative fraudulent appeals these online impersonators exploit include:
- Data update requests that direct you to an attached (malicious) document.
- A request from an apparent supervisor to make an emergency transfer of funds.
- Asking for a handout to avert some personal disaster — medical or otherwise — for someone you know (otherwise known as "sentimental abuse").
The documents or charity sites you're directed to might contain malware that logs your keystrokes and compromises your computer system.
Whatever technique online crooks use, the funds you transfer go to the scammer's account and you’ll likely never see them again.