If You Think It Can’t Happen to You, Think Again!
How to Recognize a Phishing Email
Yesterday a good friend of mine called me in a panic. He received an official-looking email from Amazon telling him that his Amazon account had been hacked and asking him to click a link in that email to have someone help him secure his account.
He panicked and fell for the phishing tech support scam. He clicked the link in the mail – that looked like it was from Amazon – and let the scammer connect to his computer. It was a mess, and he didn’t know what to do. The scammer was still connected when he called me, I told him to disconnect from the Internet right away and then shut down his computer. And I would come over to his house and take care of it for him.
The scammer, pretending to be from the Amazon support desk, asked for $500 in Dollar Store gift cards. When my friend refused, the scammer asked for his Visa card, and my friend being threaten by the scammer gave it to him (yes, I know).
About 30 minutes later, I went to his home, turned on his computer, and re-connected to the internet. I found that the scammer had deleted all his desktop icons as proof he could delete everything on his computer to scare my friend into giving up his credit card number.
I found the remote connection program the scammer used (Any Desk) and remove it completely. Then I went to Amazon and changed the password. I found out then that Amazon already suspected fraudulent activity. I changed his password to a very strong password. I also changed his email passwords and his eBay password.
While I was doing this for him, I had him call his credit card company and freeze his credit account, get a new account number and, of course, a new credit card.
Many people think that identities are stolen when hackers furtively hack into personal computers and steal all kinds of juicy personal information by manually digging through all the files and folders on a personal computer. But honestly, you have a much better chance of winning the Mega Millions lottery than having someone randomly hack your PC.
In most cases, the way hackers and criminals steal identities is by tricking the victim into clicking a link in a phishing email that is designed to look like a legitimate email from a bank, credit card company, online shopping site, financial institution and/or government site, etc.
When the victim clicks the link in the phishing email, the site that opens looks just like (or a lot like) the real site looks. Once the “phish” is lured to a counterfeit website, he or she is hooked, and all sorts of bad things can happen.
It can happen to anyone – it doesn’t matter how smart you are
Did the criminal/hacker steal this person’s password and username? No. The victim was tricked into voluntarily giving the criminals everything they need to drain accounts or wreak havoc with credit cards – or even worse steal this person’s identity and open dozens of accounts using the victim’s name, social security number, home address, etc. And woe, woe, woe are they!
Let’s look at an example of a phishing email
We’re going to dissect a phishing email. One that I received recently. Millions of people have Discover Cards and thousands have fallen prey to this phishing scam. But, by no means is this kind of thing limited to Discover, the same thing happens Visa and Mastercard customers, customers of large national banks, Amazon customers, BestBuy Customers, eBay customers, online tax services, and government sties.
For today’s example, we’re going to use the Discover card phishing email.
First, this scam wasn’t even well done. They made mistakes like putting a person’s name at the bottom of the email. They used poor English in the body of the email.
You can tell by how it is written that the authors don’t speak or write English as a first language. But I’ll bet you that more than a few people have been tricked into giving up their Discover account information, simply because they were worried, panicked, and/or in a hurry and didn’t recognize it was an obvious phishing email.
I want to remind you all, once again, always be leery of email from banks, credit card companies, government sites, etc. It’s easy to fall for phishing scams if you’re in a hurry and you panic.
You can keep yourself a lot safer just by remembering our simple rules when it comes to emails from the government, banks, online shopping sites, credit card companies, and other financial institutions.
#1. A legitimate email from a bank or financial institution will be addressed to you such as “Dear JoAnne Miller” not “Dear Customer” or “Dear Cardholder” or “Dear Valued Customer” or worse “To whom it may concern”.
#2. A legitimate email from a bank, financial institution, official government site, or credit card company will never ask you to click a link to verify your account or change your password. They may ask you to visit the official site and log in, but they will never provide a link in the email.
#3. NEVER click links in emails from government Websites, banks, financial institutions, credit card companies, or any site that deals in money or personal information such as your Social Security number.
If something in the email seems urgent, and you’re in doubt, visit the site by using the URL you know, for example, https://www.discover.com/ or https://bankofamerica.com/ or https://www.paypal.com, etc. And then verify the URL in the address bar – make sure it starts with https:// not http:// and shows a lock before it. All browsers will show a lock icon in the address bar when you’re on a secure Website.
If you want more details, click on the lock, and get more information about the site.
Now on to today’s lesson on phishing — no pole or bait needed — only common sense and a couple of functioning eyeballs.
It all begins with a sort-of official-looking email. This scam was sloppy, but many are not. You notice that the email below has two links. One at the top to view the “Web version” and the telltale click “Verify now” which should be enough to send you scurrying away and sending the email to the deleted items folder.
Here…let’s look at this one up close. Or as I like to say – let’s dissect it. EB, scalpel, please!
I’ve highlighted – in green – things you should note. You sure don’t need me to explain why they’re highlighted, right?
And look above: These crooks are so sloppy that this email, supposedly from Discover, has the name of some women living in Hawaii at the bottom of it. Who the heck is Joyce Yoshimoto? Will the real Joyce Yoshimoto please stand up!
We should all drop her a note! Don’t bother. The address doesn’t exist or if it does it belongs to Kahlua Kai Kai Funeral Home or Benny J’s Restaurant or the Immortal House of Pink Poi.
And if for those who are foolish enough to click the link in this phishing email… they will land upon a very official-looking page complete with an 800 “help” number or a place to log in with your “Discover Card” account number, username, and password.
Now, if you were crazy enough to click the link in the email and thus land upon this fake Discover site, you can still save yourself by looking at the URL in your browser’s address bar.
In my example Discover Card phishing email, if you were to click the link in the email and go to the counterfeit Discover site… just looking in the address bar in your browser could save you. The URL has nothing to do with Discover.com unless you think Discover should be on a domain called Vonlichten – and you don’t believe that do you? Plus, there is no https:// and no lock icon there either.
A straightforward way to tell the real domain name is that it’s the name that immediately precedes the dot com, dot net, dot org, dot tv, dot whatever. In the example above the criminals hope you don’t see that the domain is not Discover.com it’s vonlichten.com.
But these folks think they are clever indeed. They stuck the lock icon on the page! (See the screenshot below.)
How clever. They hope the lock will make you feel warm and fuzzy, and you’ll pay no attention to the URL in the address bar.
Don’t click links in emails that look like they came from your bank, your financial institution, your credit card company – or your government. Just don’t do it. If you need to change something on your bank’s website or any financial institution’s website, etc. Type the web address in your browser’s address bar.
Remember, follow the three rules below and you’ll end up being safe and not spending weeks or months and hundreds of dollars trying to repair the damage that occurred because you clicked a link in a phishing email, despite our continued efforts to keep you safe.
These three easy rules can help you avoid phishing scams
1. A legitimate email from a bank, financial institution, credit card company or your government will be addressed to you with your name such as:
“Dear JoAnne Miller” not “Dear Customer” or “Dear Cardholder” or “Dear Valued Customer”.
2. A legitimate email from a bank, financial institution, credit card company, or your government will never ask you to click a link to verify your account or change or check your password. They may ask you to visit their website and log in, but they will never provide a link in the email.
3. NEVER click links in emails from your bank, financial institution, credit card company, or government. If in doubt, visit the bank or financial institutions’ site by using the URL you know, like https://www.discover.com/ and then verifying the URL in the address bar – and make sure it starts with https:// not http://. All browsers will show a lock icon in the browser’s address bar before the website’s name or URL (web address).
And if you copy the Web address from the browser’s address bar you’ll see the entire URL In the above example when I copy and paste the URL (web address) I can see it’s correct:
We want you to be safe without spending hundreds of dollars on identity theft protection that you don’t need and does not work as advertised.
All you need to stay safe is common sense and learn how to recognize a phishing email when you see one. We hope this article helps you and keeps you from being the victim of a phishing scam.