Phishing is nothing new in the world of the internet – scammers have constantly been seeking out people's personal and business information ever since the rise of internet usage in the 1990s. Their presence online is still common today, and even savvy internet users can find themselves caught in the crosshairs as a potential phishing target.
While the wealth of information online has grown, the same core tactic of a phishing scammer has never changed much over the past few decades – to trick a potential victim to hand over passwords, credit card numbers, and personal information to steal your identity to obtain funds from your bank or online accounts. Now with a digital landscape dominated by different social media accounts, applications, and login details, phishers have far much more to gain if they are successful in obtaining any information from you. Likewise, businesses have far much more to lose if they have their accounts or details taken from them.
Thankfully there are some ways to identify these potential threats to you and your business.
- Be cautious with emails or phone calls that you have not asked for
This is the most common method phishers have. Pretending to be from an official service, they will ask you for your password or username to clarify a supposed 'error' or 'potential login threat'. Remember that any official representative of these companies will never ask you for any personal details unless you are calling them, as they have access to these details.
- Check the phone number or email address
An easy thing to do with any odd emails is to hover your mouse over the email to see the full address. Phishing emails tend to have an email address full of numbers and letters in some part of the address, as they do not have permission to use the proper email channels from the business they are posing as, and therefore need to try and hide this fact. Phone numbers from odd locations, or even overseas, can also be an indicator of the illegitimacy of the person at the other end of the line.
- Have a sharp eye for details
Especially with emails, you will have plenty of time to look over the email and identify any irregularities. A proper business email from an official account would have contact information at the bottom, company logos/banners, and evidence on their legitimacy. Phishing emails commonly either don't have these details, or have incorrect banners/logos attached, or located in the wrong parts of the email. Phone calls can have incorrect details as well, such as stating the business is located in another state or territory, or from a branch location that doesn't exist.
- Be wary of incentives
Normally, most companies would love to hear feedback in the form of a survey and may offer an incentive to get more complete submissions. However, this is a tried and true tactic of scammers as well. Be cautious towards any links that you may be required to click on emails - hover your mouse over the link and read the full address that you are going to be directed to. Anything full of numbers and letters that make no sense, just like with fake email addresses, are usually ill-intended. This is also true with phone scams – request for further details to see if they are genuine.
- Do not hand over personal information lightly
It only takes a name to get a start on farming information and tracking down details. While our names are freely on display in our businesses and personal lives, the real power rests with us and what other information we share. Key things such as bank account numbers, passwords, and other login details should be guarded closely, and you should not have any reason to hand any of these details over to anyone. Be vigilant and cautious to any odd contacts.
To keep up to date with the latest scams, The Latest Scam offers early alerts and advice against phishers, randsomware, and other ill-intent threats to you and your business online.
As always, keep vigilant!