Financial Scams and How to Avoid Them: Phishing

Financial Scams and How to Avoid Them: Phishing

Nobody wants to find themselves the subject of a financial scam.

From wasting a few dollars on “free” items (just pay shipping!) to losing your entire retirement in a Ponzi scheme, nefarious scammers are always coming up with new and improved ways to take your money every day.

Sadly, the holiday season is prime time for scammers who are eager to cash in on people’s relaxed spending habits and goodwill. During the holidays, people are spending more than usual and are less likely to notice odd charges on their credit card bills..1

And they’re more likely to give to a “charitable” organization without first doing the research to make sure their donations are going to help those in need… rather than lining the pockets of an unscrupulous organization.

How do you protect yourself?

I’ll be sharing some common financial scams over the next few days, as well as how to recognize them and what to do if you encounter them. From fake coupons and credit card theft to Nigerian princes and fraudulent “charities,” we’ll give you the lowdown on how to avoid having your holiday ruined by thieves.

Scam #1: Something’s Phishy About that Email…

Phishing schemes have become so common, you can almost be certain that in the next month you’ll find one in your inbox. In 2017 the average email user received 16 phishing emails each month!2 And we’re in phishing season — during the months of October, November and December, phishing attempts jump by 50%2.

Emails might seem like not much of a threat, but 95% of cyberattacks on businesses begin as a phishing email. In addition, 92% of malware comes to your computer via email.2 That makes your inbox a dangerous place if you’re not careful about what you open and click.

What are phishing emails trying to accomplish?

Some are designed to harvest data, while others want to trick you into providing login or credit card information. Others are aimed at inserting malware into your computer, which may do anything from harvest information or make your computer host to a viral nightmare to even lock you completely out of your system (requiring you to pay a hefty “ransom” to get back in).

How to Recognize a Phishing Email

We’ve established that you don’t want to fall victim to a phishing scam. But how do you know a scam when you see it?

Today, cybercriminals have upped their game and it’s harder than ever to spot a phishing email. But if you keep an eye out for several red flags and follow a few simple email rules, you can weed out most of the danger.

First of all, be on the lookout for poor quality.

Your bank, Apple, Amazon and other businesses pay copywriters and designers big bucks to maintain their professional image and make sure that correspondence is crisp, clear and professional.

Often, phishing emails are written by people who are… not so professional.

Bad grammar, misspellings and fuzzy images of logos copied from legit businesses are telltale signs that an email needs to go right to the “trash” folder.

If you get an email that’s poorly worded, don’t click on anything in it. A quick internet search may turn up scam information, or check the FTC’s website for updates on current scams. If you’re still uncertain whether or not the email is a scam, call the company it’s claiming to be from and ask.

Second, beware of any email asking for your personal data.

That includes PINs, bank or credit card information, phone numbers, addresses, etc. If something that looks like a company you do business with lands in your inbox asking for personal information, don’t click on any links or hit reply. This sort of email will often tell you that your account has been hacked, your password has been compromised or that there is a problem with your account that needs to be fixed immediately or “action” will be taken.

Don’t be scared into responding before you think!

Legitimate companies (as well as the IRS) will not ask you for sensitive information via email. And some phishing scams are so involved that the email sends you to a fake webpage asking you to enter your information… and then they collect what they want from there.

Don’t click.

Instead, contact the company directly and ask them if they sent the email. Be sure that you contact the company through their actual website or the number on your snail-mail bill… never use anything listed in the suspicious email!

Third, watch out for offers that are too good to be true, ask for money or send unsolicited links.

“Congratulations! You’ve won $5 million from Google! >>click here<< to claim your prize.” Nope…. Don’t click. If it looks too good to be true, it almost certainly is.

And the email with a subject line that just reads “Re:” and contains nothing but a single link? Don’t click that one either! Even if they don’t junk up your computer with a virus or take your money, you might find yourself looking at something you can’t un-see.

Emails from people in far-off places asking you to help them recover money in frozen accounts, cash checks, exchange foreign currency or invest in something are also a no-go. It might seem like such scams would be easy to identify, but despite being around for over 10 years the Nigerian prince email scam (and others like it) still managed to relieve Americans of over $700,000 in 2018.

What’s important to know is that while some scams are laughably obvious, others are well crafted and easy to fall for. The reason that people keep sending them is that, often enough, they work.

What do you do if you receive a phishing email?

First and foremost, don’t click, reply or follow. If you’re in doubt, open a browser window and log directly into your account on the company’s website and check your information there. Contact businesses through their official website or contact information found on official correspondence.

Forward suspicious emails to the FTC at spam@uce.gov and to the anti-phishing working group at reportphishing@apwg.org. And if you’ve been scammed and lost money or experienced a cyberattack, report it to the FBI by following this link.

Now that your inbox is secure, keep an eye out for the next article in the series… “Scam #2: Credit Card Fraud.”

With purpose,

Patrick Gentempo

Patrick Gentempo