Fishing is where you hold the hook, and the fish are the prey. Phishing is where Internet Scam artists hold the hook and *you* are the prey. I think the ‘ph’ comes from the origins of the scam via phone.
It’s your job to not take the bait! A scam can’t work if you don’t fall for it. Sometimes the bait is obvious, like an email that says someone from Nigeria needs to use your bank account in the US to deposit millions of dollars … just give them your account info and they’ll cut you in for half! Instead, of course, they’ll empty your bank account.
But many of them are not so obvious. Many of them are very good at the con game, so you have to be good too – at recognizing and avoiding them. There are 2 primary ways that con artists work.
- By making fake websites
- By sending fake emails
Some fakes are easy to spot, some aren’t. Things to know:
- The ‘From’ line on an email can be faked. Just because it says it’s from your uncle Harold, or from your bank, doesn’t mean it is. I could send you an email and make it look like it’s from the IRS asking you to send me your bank account information.
- Links can be taking you somewhere other than what they say. For example, a link may say, “www.bankamerica.com” but if you hover your mouse over it and look below, in your status bar, you’ll see the real address. In this case I’ve made the link go to www.bankamerica.dontfallforthis.com. In this example, ‘dontfallforthis.com’ is the main website with ‘bankamerica’ as a page on that site.
- It’s easy to make an exact duplicate of a website (heard of copy and paste?). So, just because it looks like your bank’s site doesn’t mean it is.
When in doubt, check it out
When in doubt don’t click. With a suspect email, just delete it. Replying in any way, even to ‘unsubscribe’, just let’s the scammers know they have a ‘live one’ – a real email address. All you have to do is not fall for it, and the scam can’t work.
If it sounds like it *might* be a legitimate email from your bank or other financial institution – call them on the phone. Make sure to use a number that you know to be theirs, not one provided in the email. Or, you can visit their website directly by typing the address in your browser – just don’t use the link in the email.
Play Anti-Phishing Phil
To learn more about how to spot fake websites, try a fun online game: Anti-Phishing Phil. The most intelligent and in-depth information on fighting phishing that we’ve found is on Paypal’s website at: https://www.paypal.com/fightphishing. An excellent site for researching scams and hoaxes of all types is Snopes.com.
Keeping your computer’s software up-to-date can protect you from the majority of viruses, spyware and scams. Sometimes no one else can protect you, sometimes you just have to be smart. Arm yourself with knowledge, and you won’t fall victim to scams.
Computer Education for Travelers