
Phishing Email Scams – Don’t take the bait

Recently, a potential client (let’s call him John) handed me a print-out of an email he had received and asked for my opinion. It begins with the salutation, ‘Hey, I know your password is: XXXXXXX’, and it goes on to explain how the sender’s malware has infected John’s computer. In several short paragraphs the sender details the type of information compromised, and then compounds the fear by indicating that he has a recording of John in acts of self-gratification through the webcam. All of the embarrassing and personal information will be released to all of his social media contacts, CPU contact lists, etc. if he doesn’t pay $1,400.00 in Bitcoin in the next 48 hours. This is just one of millions of phishing email scams received by everyday internet users every year. In fact, according to the FBI’s 2017 Internet Crime Report, people lost $30 million to phishing schemes in one year.

These phishing email scams range from the Bitcoin blackmail scam John received to scammers using email or text messages to trick you into giving them your personal information. This is a criminal extortion attempt to separate people from their money. So, let’s talk about how to protect yourself from phishing scams.

How to Recognize Phishing

Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message. Phishing emails and text messages often look like they are from a company you recognize, know or trust. The emails may look like they are from a bank, credit card company, a social site or an online payment website like PayPal.

Phishing emails often tell a story in an attempt to trick you into clicking on a link or opening an attachment. They may…

- say they’ve noticed some suspicious activity or log-in attempts
- claim there’s a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you’re eligible to register for a government refund
- offer a coupon for free stuff

At a glance, these emails might look real, but they are not. The scammers who send emails like these do not have anything to do with the companies they pretend to be. Phishing emails can have real consequences for people who give scammers their information.

7 Steps to Protect Yourself from Phishing Attacks

Your email spam filters may keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so it’s a good idea to add extra layers of protection. Here are seven steps you can take today to protect yourself from phishing attacks.

1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.

2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.

3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication.

4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.

5. Disable HTML emails. Phishing attacks most often rely on nothing more than HTML and JavaScript to penetrate your systems. One simple and effective step to reduce the risk of being a victim is to disable the ‘sending/receiving in HTML’ feature in your hosting email solution.

6. Don’t use the preview pane. Some phishing attacks don’t even require you to click on the email to put you at risk. All it takes is for you to be using the email preview pane in your inbox and you may very well become a victim.

7. Don’t recognize, don’t open. The best advice to avoid such scammers is simply to stop opening or forwarding any emails that come from senders you don’t recognize, or that have been sent to multiple recipients whom you don’t recognize.

The 7th step leads me to a great example of this very type of situation. My father gets half a dozen emails daily from friends or spam with funny memes, political memes or messages and so on. I believe he opens all of them despite my repeated warnings, and he forwards them on to me if he thinks I will find them interesting or informative. I’ve told him again and again that I will not open forwarded emails from him – following the rules of number seven. And, knock on wood, I don’t believe I have fallen victim to these scammers as of yet.

How to Report Phishing

If you got a phishing email or text message, report it. The information you give can help fight the scammers.

Step 1. If you got a phishing email, forward it to the FTC at and to the Anti-Phishing Working Group at If you got a phishing text message, forward it to SPAM (7726).

Step 2. Also report the phishing attack to the FTC at

Blog post written by Brett Salisbury, Xposure CMD

Brett has served small businesses, driving growth and profits for his clients, for nearly 20 years.

