Today I received an email from eFax.com. Someone had sent me a 3-page fax. Or had they? As I looked a little closer I found that the link that they provided would have taken me to a webpage somewhere in Brazil. I also should note that I don’t use eFax. I use SmartFax for my faxing needs. This email was a classic example of a Phishing scheme.
What is Phishing?
In the last ten days alone, I have received notices of 8 different phishing scams among family, friends, and clients. But what is Phishing really? It comes in many different flavors including Phishing, Spear Phishing, Pharming, Whaling, etc. Each has its own quirks, but essentially they all boil down to one simple idea: Someone will try to get you to do something by convincing you they are really someone else. It can occur through email, Facebook, text, or even phone calls.
In my case, had I clicked on the link in my email, I probably would have been taken to a page that looks a lot like an eFax login page. Once I “logged in” it may have requested that I update my payment information, or perhaps it would have installed a “fax client” on my desktop. In one case they would have gotten my credit card information; in the other, they would have installed something on my machine that could really ruin my day. So how can we tell which emails are legit and which ones are fake? All but the cleverest will have a few things in common. Let’s look at them.
Signs of a Phishing Scam:
Is the email unexpected?
Usually, something about the email will be unexpected. It could come, as in my case, from a company that I don’t do business with. It could seem to be from a company that I work with, like UPS, but be unexpected because I wasn’t anticipating a package. Perhaps the format is off, or they are requesting information that they should already have or really don’t need.
Did you initiate the conversation?
Phishing will almost always come out of the blue. If you receive an email in response to a request that you put through, you’re usually okay. It’s a good idea to still look closely at the message before acting, though.
Does the email seem urgent?
Phishers always want you to click without thinking. In my case, an incoming document sounds urgent, which is meant to make me click quickly. An email may also say things like “Your account has been compromised” or “Unauthorized transaction on your credit card.” If an email makes your heart rate go up, that’s cause to step back before acting.
Is the email personalized?
Usually, phishing emails will start off with a salutation like “Dear Customer” instead of “Dear Mark.” If a phisher has done his homework on a person and personalized the email, that is called Spear Phishing. But this rule will help in most cases.
Is there poor grammar?
Companies are very meticulous in their written communication to their customers. Phishing scammers from another country will often get English grammar wrong in their emails, giving you a nice big red flag.
Does it ask for personal information?
No legitimate company will ask for your personal information in an email. If they work with you, they already have your personal information. Your personal information doesn’t often change and they have no reason to have lost it.
Are the links legitimate?
This is, perhaps, the most important lesson in this post. It can save you when all others fail. In short, just because a link looks like it goes to a website doesn’t mean that is the case. When in doubt, hover your mouse over the link for a few seconds as seen in the figure at the right. A little box will pop up with the true web address that it points to. If the email says it’s from FedEx, but the link goes to another website, don’t click on it. I always check links before I click, even if I know the sender.
Scammers will also attempt to make links look legitimate. For example, a link may point to http://www.paypal.com-verify-transactionid-18293471289-login.ebay-buyerprotection.net. This is particularly tricky, because it looks like you’re clicking on a PayPal link, but the hyphen after paypal.com means the real website is something else entirely. You are actually clicking on a link for ebay-buyerprotection.net, which is not legitimate. The only valid character right after a .com, .net, or .org is a forward slash “/”. If a hyphen or period appears right after, it’s almost certainly a fake website.
Don’t open attachments
Just like links can be suspect, attachments can be as well. If you don’t know the sender, don’t open attachments. If you know the sender but weren’t expecting a document, call or email the sender before opening it. The best practice is safe practice.
Don’t trust the displayed email address
Last, but not least, you can’t always trust the displayed email address. With just a few minutes of prep, I could easily send something that appears to come from whitehouse.gov, linkedin.net, or ups.com. Just because you know the sender doesn’t mean the email is completely safe.
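The link check from the previous section and the sender check from this one, written out as an added example (not code from the original post): it parses a constructed sample message, works out which domain each link and the From address really belong to, and applies the post's other tells (generic salutation, urgent wording, failed SPF/DKIM results). Assumptions: the brand the email claims to be from is supplied by the caller as a domain, the registered name is taken to be the last two labels of a host (enough for .com/.net/.org, not for suffixes like co.uk), and all addresses in the sample are made up.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message for this example; none of the addresses are real.
# The link is the look-alike URL quoted in the post.
SAMPLE_EMAIL = """\
From: "PayPal" <service@ebay-buyerprotection.net>
To: mark@example.com
Subject: Unauthorized transaction on your account - action required
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=ebay-buyerprotection.net; dkim=none
Content-Type: text/plain

Dear Customer,

We detected an unauthorized transaction. Your account will be suspended
unless you verify your identity immediately:
http://www.paypal.com-verify-transactionid-18293471289-login.ebay-buyerprotection.net
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")
GENERIC_SALUTATION_RE = re.compile(r"^\s*dear\s+(customer|user|member|client|valued)", re.I | re.M)
URGENT_WORDS = ("urgent", "immediately", "suspended", "compromised", "unauthorized", "within 24 hours")


def registrable_domain(host):
    """Return the part of a host name that says who registered it.

    Assumption: the last two labels are the registered name. That holds for
    .com/.net/.org, the endings the post discusses; multi-label public
    suffixes such as co.uk need the Public Suffix List instead.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def link_matches_brand(url, brand_domain):
    """True only when the link's registered name is the brand's own domain."""
    host = urlparse(url).hostname or ""
    return registrable_domain(host) == brand_domain.lower()


def sender_matches_brand(from_header, brand_domain):
    """Ignore the display name and compare the actual address with the brand."""
    _display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    return bool(domain) and registrable_domain(domain) == brand_domain.lower()


def authentication_failed(auth_results):
    """Return SPF/DKIM results that are anything other than 'pass'.

    Only the Authentication-Results header added by your own mail server is
    trustworthy; a forwarded copy can carry a forged one.
    """
    found = []
    for mech in ("spf", "dkim"):
        m = re.search(rf"\b{mech}=(\w+)", auth_results or "")
        verdict = m.group(1).lower() if m else "missing"
        if verdict != "pass":
            found.append(f"{mech}={verdict}")
    return found


def phishing_signs(raw_email, brand_domain):
    """Apply the post's checks to one message and list the signs found."""
    msg = message_from_string(raw_email)
    body = msg.get_payload()
    signs = []

    if not sender_matches_brand(msg.get("From", ""), brand_domain):
        signs.append(f"sender address does not belong to {brand_domain}")
    failed = authentication_failed(msg.get("Authentication-Results", ""))
    if failed:
        signs.append("sender authentication not passed: " + ", ".join(failed))
    if GENERIC_SALUTATION_RE.search(body):
        signs.append("generic salutation instead of your name")
    text = (msg.get("Subject", "") + "\n" + body).lower()
    if any(word in text for word in URGENT_WORDS):
        signs.append("urgent or threatening language")
    for url in URL_RE.findall(body):
        if not link_matches_brand(url, brand_domain):
            real = registrable_domain(urlparse(url).hostname or "")
            signs.append(f"link really goes to {real}")
    return signs


if __name__ == "__main__":
    for sign in phishing_signs(SAMPLE_EMAIL, "paypal.com"):
        print("-", sign)
```

Running it against the sample prints five signs, one for each tell in the message. The domain comparison is the part worth keeping: hovering over a link shows you the same host name that `registrable_domain` reduces to its last two labels, which is exactly what the hyphen trick in the example URL tries to hide.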
Do you think you have this all down? I’d encourage you to click on the picture on the right and take a Phishing Quiz from SonicWall. It gives several examples of possible phishing schemes and asks you to identify them, then it shows where you went wrong when you make a mistake.
I hope this helps you stay safe in the future! As always, if you have any questions we are ready to take your call.