Guarding Against E-mail Phishing Scams

Contributed by Jennifer Goldman

Unscrupulous con artists have been committing crimes at innocent people’s expense since the beginning of time. Today, the current white-collar crime craze centers around scams perpetrated on the Internet—primarily through fraudulent E-mail campaigns know as phishing scams. These fake E-mails often look as though a reputable company you’re already accustomed to dealing with has sent them. They may even contain a rip-off of the company’s logo. Under this guise, the crook claims that he/she needs you to verify some account information, a password, or other confidential information. The E-mail may strive to manipulate you by claiming that your failure to respond with the requested information may lead to some negative consequence, such as the cancellation of your account.

Ironically, the true negative consequence can come from your cooperation with the con artist. By simply clicking on the phony link, you may be authorizing the criminal’s use (and abuse) of your bank or credit account, potentially resulting in identity theft. Or, you may cause damage to your computer, or a breach in the security/confidentiality of your future Internet transactions.

The reality is that, bona fide companies will never ask you to provide confidential information via E-mail, since E-mail communications are not secure transactions.

You are told that the company thinks someone has been making unauthorized purchases on your account and are asked to follow a link where you must provide confidential information such as birthday, social security number, bank account number, password or user name. Even the answer to a secret question, such as, “Where were you born”? or, “What is your mother’s maiden name?” can be used to retrieve a forgotten user name or password.

A company asks you to “update” or “renew” your account information at a Web site, with the link supplied in the body of the E-mail. Crooks use that link to send you to their bogus site.

The E-mail claims to be from some well-known bank that you hold an account with, and asks you to supply your ATM card number and/or access PIN. You are asked to click on a link in order to verify the info. You’re innocent compliance may grant them full access to your bank account. Yikes!

You receive a message that contains “a special offer!” The E-mail claims that the offer is a secret, and that it’s only being made to you and a few other VIP customers.

A message demands that you “act immediately” in order to receive a limited-time offer.

The E-mail requests that you aid someone in the international transfer of funds through the use of your bank account. These phishing scams often claim they will pay you for your services.

• NEVER offer personal or confidential information through an E-mail—not even to a friend or family member. E-mail servers are not secure servers.
• Use a firewall and an anti-virus to block unauthorized messages. Activate the junk E-mail filter feature on your E-mail account. Also, use a software patch to protect yourself against hackers.
• Keep an eye out for glaring spelling and grammatical errors in E-mail solicitations. Large companies protect their credibility by having all communications carefully prepared and proofread.
• When an E-mail supplies a Web link, if it’s valid, that link should start with https (rather than just http); the “s” at the end indicates a secure link. However, this method of sifting out fraudulent links isn’t foolproof; sometimes crooks are sophisticated enough to forge secure links.
• If the E-mail claims to be sent by a company’s reputable representative, call and check with the company to validate that an E-mail is legit. Make sure you obtain and use only reliable contact information to get in touch with the company. Otherwise the phishing scam will merely become a phone scam! If you choose to visit the company’s official Web site to check your account status, open a new Web browser and enter the company’s Web address manually. Never click on the link supplied in the suspect E-mail.
• Research a lesser known company’s history before engaging in a transaction.
• Listen to your gut. If you have a feeling that something’s not quite right, chances are it isn’t. Especially if the company is promising you something that seems too good to be true.

As a service to others who are in danger of being similarly victimized, contact the company that the scam artist falsely claimed to represent. If the company gets multiple complaints, that company may send out or post a warning to their clients. They may also choose to launch their own investigation.

Although phishing scams can have seriously detrimental effects to the unsuspecting E-mail account holder, this is no reason to live in fear. Simply exercise caution and keep an eye out for the suspect E-mails described in this article, and E-mail will continue to serve as a useful tool in both your professional and personal correspondence.

About the Author:
Jennifer Goldman is a freelance writer, editor, and proofreader living in Denver, Colorado.

This article is intended for general informational purposes and does not provide legal or other professional advice. All trademarks contained herein are the property of their respective owners. Please read our disclaimer for additional terms and conditions governing access to and use of this article.