Phishing Scams in Plain English

For me the big giveaway is almost always, Dear Valued Customer or some such thing. Most emails now will put your name in there.

I happen to get quite a bit of phishing attempts in the fake e-mail account I set up for use at websites that require registration that I don’t necessarily want to have my real info. That is the first step in avoiding phishing scams: giving your real information to only a select few sites that you trust.

Another way to identify scams is to look at the sender’s e-mail address. Most of the time, the address is coming from a free e-mail service, which should throw off red flags right from the start. Besides sending the sender’s info to the government, also send the information to the isp’s anti-spam unit. While they may not be able to permanently stop such scams, they are more likely able to trace the ip address of the sender and ban them, which helps a little.

I go a little more in depth in a past blog post regarding indentity protection called Do you really need to pay for identity protection?

I have come across a few of these in my time. None from paypal though, a few from banks and a lot saying that I have inherited over $1,000,000 in some country I have never heard of.
Scams are to be avoided at all costs. They all play on the ‘money for nothing’ mentality that so many of us possess. We want money but we don’t want to do anything for it

When you know it’s spam make sure you forward it to the company it supposedly came from so they can take action.

If I get one that’s questionable, I sign into my account through my web browser – Never click on an e-mail link!!!!!!! Then I can tell if it’s legitimate correspondence or spam. I always err on the side of spam just to be safe.

Good post. I especially enjoyed the video tutorial. The phishing scams have gotten out of control. But even though they are more common now, it is tragic to see that some people still fall victim to this.

Just today, I received an email from the IRS regarding a refund. Ha! I almost fell for it! I directed it to phishing@irs.gov

I’ve seen some pretty clever ones, very professional looking. The last one I remember was supposedly from Bank of America regarding my bill pay account, only I don’t use bill pay! It all looked legit except for the web address wasn’t bank of america. I get phishing scams supposedly from paypal all the time too, again I don’t use paypal so I know they are fakes but someone else might not realize.

Forward Paypal phishing e-mails to “spoof@paypal.com”. They will try to track down the culprits. On my new computer now, with Vista, Internet Explorer tells me if a site I am trying to go to is a phishing site. There are a number of good things about Vista!

Outside of learning about spam, scams, phishing etc. and making educated choices, I am a firm believer in proactive defense.

Programs such as Spybot S&D, SpywareBlaster and the mvps.org host file all block many known malicious sites.

I use firefox with NoScript (though this may be more hassle than it is worth to some users).

Get a toolbar or add-on that checks the validity of sites you are on:
Netcraft Toolbar
McAfee SiteAdvisor
WoT (firefox addon)

Then if you really aren’t sure, and choose to click the link rather than manually navigate to the same place – copy the address and scan it here:
http://linkscanner.explabs.com/linkscanner/default.aspx

Ok, my fav part of the embedded video is that the crook’s laugh sounds an AWFUL lot like Jon Stewart’s impersonation of George W Bush!

This week I got TWO Nigerian Scam emails, which is bad because I’m tempted to pull a scambaiter on them….

What a timely post. I received an email from ‘paypail.com’ (notice the spelling) this morning telling me that my account was limited and that I would need to send them confidential information. Just as ‘Mom’ said, make sure to forward all suspicious PayPal emails to spoof@paypal.com. They are generally really great about replying quickly.

In addition to my earlier post (17), I would recommend the Firefox extension Flagfox. This, like the Netcraft toolbar, will show the country of origin of the website you are on. It will warn you if you reach an address purporting to be from one place, but really in another.

I also suggest that people set up another email account, if not multiple through a service designed for it, so that they can give friends/family their personal email, have one for use with banks/work/trusted places, and one for use at other sites and purchases.

Bugmenot.com is a nice resource for not having to bypass giving out your email too often (I use it to read online newspapers or some forum posts you cant see unless signed in).

I certainly know better than to provide information based on an email, but sometimes I have trouble distinguishing whether or not an email actually came from a business I’m involved with. My husband (who knows a lot more about this stuff than I do) always tells me that a good way to double-check if something is spam or not is to let your mouse hover over any link in the email (DO NOT CLICK – just hover). The web address for that link will show up at the bottom of your browser. If it doesn’t belong to the company, I know it’s spam. If it does, I can go ahead and click to see what information they are providing.

Never believe anything in an email, simple as that.

No company that I deal with communicates via email (at least not to me) so if I get an email, it’s phoney. I’ve stopped receiving paper bank statements but for serious communication that requires a response I get a letter or a phone call if it’s urgent.

Online communication is for fun only. The internet is a dirty, dirty place and the negative aspects of it massively outnumber the positive.

Thanks a bunch for sharing the video and links J.D.!