Learn How To Recognize a Phishing Scam and What You Can Do About It!

Apr 25, 2022

Learn How To Recognize a Phishing Scam and What You Can Do About It!

Phishing Emails are scam emails that appear to be from a legitimate company that ask for private login credentials for important websites everyone uses. Scammers work hard to make their phishing emails look professional and convincing and some are very convincing. Once an unsuspecting user gives their login credentials to the scammer, the scammer can access their account and steal financial and other personal information. In addition, the scammer will sell these credentials to the dark web where other criminals can use this information for nefarious purposes. The following are tips on how to recognize a phishing scam and how to best protect accounts from being hacked.

How to Recognize a Scam:

Phishing scams may be a phone call, email, or text message requesting a user to give their passwords, account numbers, or Social Security numbers. 

Beware, not all phishing emails and text messages look the same. Scammers change strategies frequently to prevent their victims from being suspicious, but there are some signs that will help you recognize a phishing email or text message. Here are the top things to look for:

  • Phishing Emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store. They might even have your name on the “From” line. If you hover over the link or check out the website (URL), you’ll see that it’s not actually from your bank or credit card company.
  • Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. Don’t fall for it! These messages will include something like the following:

A real example of a phishing email:

Imagine if you were to get this email in your inbox. 

Do you see any signs that it’s a scam? Let’s take a look.

  • The email looks like it’s from a company you may know and trust. It even uses a Netflix logo and header. 
  • The email says your account is on hold because of a billing problem. 
  • The email has a generic greeting, “Hi Dear.” If you have an account with the business, it probably wouldn’t use a generic greeting like this. 
  • The email invites you to click on a link to update your payment details. 

After first glance, this email looks legitimate, but it was sent by a criminal looking to exploit anyone willing to click the link. In 2016 an employee at the University of Oxford clicked a similar link and gave a scammer access to the university’s IT systems, which resulted in £1.5 million being stolen from the institution. In another example, a woman gave away her banking details in a phishing email and consequently lost £35,000. Here in Portland, Oregon, seniors are being exploited daily as they click on these links and unwittingly give their login credentials. It is estimated that scammers steal approximately $2.9 billion from seniors annually. 

How Do I Protect Myself?

Four steps everyone should take right now!

1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats. (https://www.consumer.ftc.gov/blog/2019/06/update-your-software-now

2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats. 

3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi factor authentication. The additional credentials you need to log in to your account can be: 

  • Something you have — like a passcode you get via an authentication app or a security key. 
  • Something you are — like a scan of your fingerprint, your retina, or your face. Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password. 

4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too. (https://www.consumer.ftc.gov/articles/how-protect-your-data-you-get-rid-yourcomputer#back%20up

What To Do if You Suspect a Phishing Attack?

Now that we know what phishing emails generally look like, let’s understand what one should do once they recognize a scam attempt.

If you get an email or a text message that asks you to click on a link or open an attachment, ask yourself this question: Do I have an account with the company or know the person that contacted me? Does the subject or purpose of the email seem legit?

If the answer is “No,” it could be a phishing scam. This is when you should start to look for signs of a phishing scam. If you see them, mark the email as spam, report the email/message and then delete it. 

If the answer is “Yes”, do NOT click the provided link! Contact the company using a phone number or website you know is real. You’ll find the contact on the company’s official website. Look it up using google rather than clicking on any link provided in the email. Do not rely on any information in the email. Attachments and if installed can invite harmful malware to your device.

What To Do if You Responded to a Phishing Email/Already been scammed?

Mistakes happen! And so if you think you recognized a scam too late and the scammer already has your information(eg: Social Security, credit card, bank account number, etc.) go to IdentityTheft.gov (https://www.identitytheft.gov/Info-Lost-or-Stolen). On the website, you’ll see the specific steps to take based on the information that you lost. 

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software and anti-virus. Then run a malware scan of your computer. (https://www.consumer.ftc.gov/articles/0009-computer-security#update)

How To Report A Phishing/Scamming Attack:

If you receive a phishing email or text message, it’s very important that you report it immediately. The information you give can help fight the scammers. 

Step 1. If it’s an email, forward it to the ‘Anti-Phishing Working Group’ at reportphishing@apwg.org (mailto:reportphishing@apwg.org). 

If it’s a phishing text message, forward it to SPAM (7726). 

Step 2. Report the phishing attack to the FTC at ReportFraud.ftc.gov (https://ReportFraud.ftc.gov). 

With hackers getting clever each day and coming up with extremely authentic looking techniques, we must ensure that our devices and networks are as secure as possible.

Still have questions?

Drop them below in the comment section or you can reach out to us at amber@roseelderlaw.com.

View more of our Blogs

Summertime and Life Conversations: 3 important topics!

Summertime and Life Conversations: 3 important topics!

Summer is the best time of year to have important conversations with your loved ones. As you plan to get together for holidays or just for fun, plan to have these important conversations with those you love.  1. Who is in Charge? In the event of an...

read more
How To Prepare For Your Graduating Seniors

How To Prepare For Your Graduating Seniors

Congratulations to all of our high school seniors! Graduation is just around the corner and so is college!  We love this time of year, the celebrations and commemorations, and the anticipation of our young adults leaving the nest.  With...

read more
Is Now A Good Time To Tidy Up Your Estate?

Is Now A Good Time To Tidy Up Your Estate?

Estate planning is the best way to protect yourself, your family, business, and other assets. There is a real sense of security when these documents are in place. To those of you who have set up your estate plan, congratulations! However, just...

read more

We're Here Whenever You Need Us

Open Hours

Mon - Fri: 9AM - 5PM