How To Never Get Phished
Let’s go phishing! Hold on, put down the rod and reel. Phishing is when a scammer calls you, sends you a link, an email, or redirects you to a webpage that looks legitimate, but is actually just trying to get your credentials so they can hijack your accounts or your computer. It’s a very complex web of social engineering the scammers use to try to scare and trick you into handing the keys to your digital home over to them.
Fortunately, most browsers have phishing protection built in, however, no amount of defense is impenetrable, so that’s why it’s important for you to be able to know the difference between what’s real and what isn’t.
PHISHING ACCORDING TO MICROSOFT
“Phishing email messages, websites, and phone calls are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer.
Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses. They might email you, call you on the phone, or convince you to download something off of a website.”
What does a phishing email message look like?
Here is an example of what a phishing scam in an email message might look like.
- Spelling and bad grammar.Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam. For more information, see Email and web scams: How to help protect yourself.
- Beware of links in email.If you see a link in a suspicious email message, don’t click on it. Rest your mouse (but don’t click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company’s web address.
Links might also lead you to .exe files. These kinds of file are known to spread malicious software.
- Have you ever received a threat that your account would be closed if you didn’t respond to an email message? The email message shown above is an example of the same trick. Cybercriminals often use threats that your security has been compromised. For more information, see Watch out for fake alerts.
- Spoofing popular websites or companies.Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows. For more information, seeAvoid scams that use the Microsoft name fraudulently.
Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered. For more information, see Protect yourself from cybersquatting and fake web addresses.
Beware of phishing phone calls
Cybercriminals might call you on the phone and offer to help solve your computer problems or sell you a software license. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.
Once they’ve gained your trust, cybercriminals might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.
Treat all unsolicited phone calls with skepticism. Do not provide any personal information.
For more information, see Avoid tech support phone scams.
Report phishing scams
If you receive a fake phone call, take down the caller’s information and report it to your local authorities.
- In the United States, use theFTC Complaint Assistant form.
- In Canada, theCanadian Anti-Fraud Centre can provide support.
- In the United Kingdom, you can reportfraud as well as unsolicited calls.
Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at theMicrosoft Answer Desk. Or you can simply call us at 1-800-426-9400 FREE or one of our customer service phone numbersfor people located around the world.
You can use Microsoft tools to report a suspected scam on the web or in email.
- Internet Explorer.While you are on a suspicious site, click the gear icon and then point to Safety. Then click Report Unsafe Website and use the web page that is displayed to report the website.
- com (formerlyHotmail). If you receive a suspicious email message that asks for personal information, click the check box next to the message in your Outlook inbox. Click the arrow next to Junk and then point to Phishing scam.
- Microsoft Office Outlook 2010 and 2013.Right-click the suspicious message, point to Junk, and then click Report Junk.
To view this topic directly from Microsoft: http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
YOU WILL BE THE TARGET OF A PHISHING ATTACK!
The odds are not in your favor. You should be vigilant of the attack. But the first step is recognizing how mentally susceptible you are to a phishing scam. Don’t believe that you will be targeted? Check out the stats:
- 156 Million phishing emails are sent globally EVERY DAY
- 16 Million of those emails make it through email filters
- 8 Million of those emails are opened
- 800,000 links in those emails are clicked
- 80,000 people fall for a scam and voluntarily give their personal information EVERY DAY
- The Microsoft Computing Safer Index Report (Feb 2014) estimated the world-wide impact of phishing scams is ~$5 Billion
McAfee has a test you can take to flex your knowledge and see if you’d fall victim to any of these online scams:
You should also be very very vigilant when looking for help online as well. When you use a search engine to find help, there’s a good chance the first phone number shown may not be reputable. Search diligently, read carefully, and research the company you’re about to do business with. The adage “measure twice, cut once” comes to mind here.
Remember that phishing scams can happen through the phone. In a recent email scam, victims were sent an email that appeared to be by legitimate law enforcement institutions. The victims were asked to call a phone number. When they reached the phony officer, they were enticed into paying off their alleged warrant. Read the article at: http://www.ksat.com/news/crime-fighters/crime-fighters-examine-an-arrest-warrant-email-scam
BE VIGILANT AND NEVER GET PHISHED ON THE PHONE
Here are some simple measures to ensure you are speaking to an actual law enforcement agent on the phone:
1-Ask for the agents details: name, badge number, and agency/precinct details . NOTE: Don’t ask for a phone number. If they give you one, just ignore it and move to step 2.
2-Search for the law enforcement agency and precinct phone numbers through verified sources.
3-Call the agency’s/precinct’s registered phone number and ask for the agent using his badge number.
If you receive a phone call scam, please report it here:
If you believe you were the victim of a cyber crime, report it to the FBI’s Internet Crime Complaint Center (IC3) at
NEED MORE INFORMATION ON HOW TO NEVER GET PHISHED?
Check out the U.S. Computer Emergency Readiness Team’s website. They are a part of National Cybersecurity and Communications Integration Center (NCCIC).
Click here to get their alerts and emails on phishing scams:
WHAT IS PHISHING?
Author: Jeremy Paul
I am Br8kthroo’s Chief Information Officer and I lead the IT Department.
In 2004, I have received an Associate’s Degree from McCann School of Business and Technology. Two years after, I joined the United States Air Force as a Health Service Administrator. My expertise in computer networking administration and repair was an asset to the USAF as I served my country.
After the military, I worked at MA/COMM – Tyco Electronics, and Geek Squad. However, after a few months, I left the latter company because it forced me to charge clients a substantial amount of money for the services I provided. I love helping people. But I do not love to overcharge. So, I decided to work at a reduced cost helping anyone who asks with their computer problems. When your computer gets sick or injured, I am the soothing doctor to the rescue. It is funny how all these computers seem to find me.
I am currently working on my Bachelor’s degree at University of Phoenix but that doesn’t stop me from giving time to help people with their computer woes. I excel at finding solutions to even the most difficult challenges and I am proud to say that I am Br8kthroo’s super tech guy!.