“Phishing,” the latest craze among online evil-doers, has nothing to do with sitting at the end of a dock on a sunny afternoon dangling a worm to entice hungry catfish.
But, if you take their bait, this new breed of online con artist will hook you, reel you in, and take you for every dollar you have… or worse.
“Phishing” describes a combination of techniques used by cyber crooks to bait people into giving up sensitive personal data such as credit card numbers, social security numbers, bank account numbers, dates of birth, and more.
Here’s the basic pattern for a “phishing” scam.
You receive a very official email that appears to originate from a legitimate source, such as a bank, eBay, PayPal, a major retailer, or some other well-known entity.
In the email, it tells you that something bad is about to happen unless you act quickly.
Typically, it tells you that your account is about to get closed, that someone appears to have stolen your identity, or even that someone opened a fraudulent account using your name.
In order to help straighten everything out, you need to click a link in the email and provide some basic account information, so they can verify your identity and then give you additional details, so you can help get everything cleared up.
Once you give up your information… it’s all over but the crying!
After getting your information, these cyber-bandits can empty your bank accounts, deplete your PayPal accounts, run up your credit card balances, open new credit accounts, assume your identity, and much worse.
An especially disturbing new variation of this scam specifically targets online business owners and affiliate marketers.
In this con, the scammer’s email informs you that they’ve just sent $1,219.43 (or a similar big but believable amount) in affiliate commissions to you via PayPal.
They need you to log into your PayPal account to verify receipt of the money and then email them back to confirm you got it.
Since you’re so excited at the possibility of an unexpected payday, you click the link to go to PayPal, log in, and BANG! They have your PayPal login information and can empty your account.
This new “phishing” style scam works extremely well for 2 basic reasons.
First, by exploiting your sense of urgency created by fear or greed, crooks get you to click the link and give them your information without thinking.
Second, the scammers use a variety of cloaking and spoofing techniques to make their emails and websites appear totally legitimate, making it extremely hard to spot a fake website, especially when they’ve first whipped you into an emotional frenzy.
The good news, however, is that you can protect yourself relatively easily against this type of cyber-crime with basic software and common sense.
Most of these scams get delivered to you via Spam (unsolicited email), so a good spam blocker will cut down on many of them even making it to your inbox.
If you receive an email that looks legitimate, and you want to respond, stop – Wait – Think!
Look for spelling and grammatical errors that make it look like someone who doesn’t speak English or your native language very well wrote it.
Above all remember this:
Your bank, credit card company, PayPal, eBay, and anyone else you deal with online already knows your account number, username, password, or any other account-specific information.
They don’t need to email you for ANY reason to ask you to confirm your information — so NEVER respond to email requests for your account or personal details.