Gone Phishing: Don’t Click the Bait
Updated: Apr 6, 2021
Email Scams Impact Everyone
One of the most popular types of scams these days is phishing. This email trick may have a funny name, but the results can be very harmful. Phishing is a type of email fraud where someone is impersonating a business or a person. You know, those emails that try to reel you in by looking like they are from your bank, Apple or Amazon. They frequently ask you to click on a link and sign-in to your account. Once you click on the link or download the attachment, then the con artists have you hooked. Phishing is used to steal personal information, deliver computer viruses, obtain account numbers, and cause other harm.
My dad, who is in his late 70s, received an email this week that looked like it was from me. It was just a plain email that said “Attached are your electronic invoices” and it contained a link to follow. Although the email did not come from my email address, the email alleged to be invoices sent on my behalf and included my real name along with phony contact information. Fortunately, my dad did not fall for the bait. He was not expecting any electronic invoice (even though he probably owes me money), and he did not recognize the email address from which the message was sent. Still, many others fall victim to similar cyber threats every single day.
How to Fight Back
Here are a few tips to help protect yourself from phishing emails that impersonate others.
Don’t click on links or download attachments from people or businesses that you do not regularly communicate with via email. If you are not a Bank of America customer, then don’t click on links saying your Bank of America account is being closed.
Make sure that the sender’s email address is authentic. If the email says it is “from” your bank, the email address should follow the correct form for all email addresses that come from your bank. If the email is from a person you know, then it should be from that person’s known email address. To be safe, you should examine the email header information and make sure that the return-path and other header information are not fishy. (For more technical info on how to check email filters with your email program, try Googling “check email headers to detect phishing” and you should find several articles on the subject).
Trust your spam filters. Although once a month I might find a semi-legitimate email in my spam email, the filters seem to be correctly identifying junk at least 99% of the time. If your email filters think that an email is fake, then it probably is.
Check the authenticity of any suspicious links. First, it should look legitimate – no weird characters, misspellings, or odd names. There are numerous tools that will safely check a link for you before you click it. And of course, feel free to get a second opinion by asking someone you trust if an email looks suspicious.
Above all else, use your good judgment when deciding whether to click on a link or download a file. Any unsolicited emails should be treated with suspicion. If the email seems out of the norm, then it probably is. The email may prey on your emotions by claiming that you won a prize or lost a benefit, but this is just the bait they use to get you to click.
Use safe emailing habits to help protect your identity and avoid fraud.