
Phishing

WHAT IS PHISHING
It is the act of attempting to obtain information (such as usernames, passwords, credit card details and sometimes indirectly money) by masquerading as a trusted organization or individual in an electronic communication, most frequently e-mail.  The scammers who send these communications do extensive research and will use topics that appeal to large audiences and/or masquerade as a trusted company such as a widely used financial institution or social media outlet.

Hackers may have stolen e-mail addresses from a friend's directory, using your friend's e-mail address, or from banks or insurance companies, using legitimate-looking e-mail addresses.  When in doubt about the legitimacy of an e-mail or attachment, call the company or person using a known legitimate phone number (not one from the e-mail) and get confirmation that the e-mail or letter is authentic.  It may sound silly, but it is positive confirmation of authenticity and could save you lots of time, money and great pain.  These operations often run for only a few days before moving to a new location to avoid detection and arrest, or they hide behind layers of networks.

Phishing attacks may be very simple messages or may be very elaborate and personalized, including your name, phone number, age and/or knowledge of businesses in your area.  All of this can be obtained from public records and some simple searches done in advance by the bad guys.

HOW CAN I BE SURE IT IS PHISHING?
As a general rule, there are seven simple tips to keep in mind when a suspected phishing attack could be lying in wait for you to activate at the slightest click.  These include, but are not limited to:

  1. DISGUISED LINKS
    When the text of the link says www.yourbank.com but the real destination is www.oursecretbank.com, the sender may be trying to mislead you.  For more on inspecting links, please visit ______.  You can detect the real URL by positioning your cursor over the link in question.  This will cause Windows to display the actual URL the link will use.  Sometimes it is a totally different link.  Sometimes they will use characters that are often mistaken for each other to hide their attack.  Example:  One group used a numeral to appear as a lower case letter L.  This creates a totally different URL that they may own, and they can do what they want with you once you come into their house of horrors.  These are old tricks, yet many fall victim to them.

  2. SUSPICIOUS-LOOKING LINKS OR LINKS THAT JUST LOOK ODD FOR SOME REASON
    Only click on links to domains you recognize (the domain is the part of the link before the first "/" character following the ".com", ".org", etc.).  If you do not recognize the domain or you see it is misspelled (example: MICR0S0FT and not MICROSOFT), YOU DON'T WANT TO GO THERE.

  3. MESSAGES OF URGENCY AND CONCERN
    Messages that use words like "Urgent", "Now" or "Important" in the subject line and/or message body, along with warnings that bad things could happen to you (closed accounts, lost money, etc.) or someone you know, should never be opened.  Also look for messages where the sender's e-mail appears to have been hacked or the information provided is not normal.  Examples:
    -  Someone you know who is stranded in a foreign country without credit cards or cash
    -  A financial account is at risk of having the money stolen from you
    -  Repeated attempts to access your account putting your funds at immediate risk
    -  Account will be frozen if you do not provide your information immediately
    -  Tax status will be raised significantly if you do not provide your information in 24 hours


    If this is a financial institution, call the number on the card they provided you or on one of the statements they send you.  Do not trust any phone number in the e-mail.  Ask for Customer Support, tell them what you have received and ask about your account(s).


  4. UNEXPECTED ATTACHMENTS
    An unexpected e-mail with an attachment is a reason for concern.  It may come from someone you know and trust as that information was obtained from their computers.  The attachment may damage, steal, or lock your data up with a ransom demand to get your data back.  A good rule is to only open attachments you are expecting.

  5. SPELLING AND GRAMMAR
    Poor grammar, spelling, punctuation and capitalization are normally good indicators of a scam e-mail especially if the e-mail is about a recognized institution.  Reputable companies have formal internal review processes that must approve all external communications for errors or misleading messaging.  Companies protect their image and brand with great effort and cost.

  6. QUESTIONABLE EXTERNAL SENDER
    Ask yourself the following two key questions:
    1.  Do I know this sender?  (Even then it may not be the sender's real e-mail address)

    2.  Have I communicated with this person or company before?
     
    If you answer NO to both, treat this e-mail as suspicious.


  7. LINK DOMAINS AND ADDRESS DON'T MATCH
    With little doubt, there will be at least one link in the e-mail received.  These Bad Guys
    often include a street address, city, state and ZIP Code to create comfort with you ... they lie!
    Look at the address.  Use Google, Bing or another mapping tool.  Is this a large building with the
    company logo visible, or is it more an empty storefront or car repair place?  Here is what you do:

    1.  Hover over (do not click) the link to see what the weblink is.  If the address is in the USA and the
         link ends in anything other than ".gov", ".mil", ".com", ".edu", ".org" or a few others ...
         DO NOT CLICK THE LINK.
     
    2.  Check the list by going to Information Hub | The Bad Guys | WhoIs.org & Domains and
         look up the domain code.  You now know where their e-mail server is registered.  If this
         claims to be a big company in the USA, why are they not using their own e-mail service?
         This does not make sense and thus their attack against you is now blown!
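
Tips 1 and 2 above can also be checked mechanically.  The following Python code is an added example, not part of the original page: it pulls every link out of an HTML message body and flags links whose visible text names a different domain than the real destination, and destinations that only match a known domain after digit-for-letter swaps.  KNOWN_DOMAINS, the lookalike table and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re

# Digits used in place of letters, as in the page's examples (extend as needed).
LOOKALIKES = str.maketrans({"0": "o", "1": "l"})
# Assumption: the domains the reader actually does business with.
KNOWN_DOMAINS = {"yourbank.com", "microsoft.com"}
DOMAIN_IN_TEXT = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)

def host_of(url):  # lower-cased hostname of a URL, without a leading "www."
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

class LinkCollector(HTMLParser):  # collects (visible text, href) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def check_links(html):
    """Return (href, reason) for each link showing the signs in tip 1 or 2."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for text, href in parser.links:
        real = host_of(href)
        m = DOMAIN_IN_TEXT.search(text)
        shown = host_of("//" + m.group(0)) if m else ""
        if shown and real != shown and not real.endswith("." + shown):
            findings.append((href, "disguised: text shows " + m.group(0).lower()))
        elif real not in KNOWN_DOMAINS and real.translate(LOOKALIKES) in KNOWN_DOMAINS:
            findings.append((href, "lookalike of " + real.translate(LOOKALIKES)))
    return findings

# Constructed sample message body (not a real e-mail).
SAMPLE = ('<a href="http://www.oursecretbank.com/login">www.yourbank.com</a> '
          '<a href="https://www.micr0s0ft.com/update">Update now</a> '
          '<a href="https://www.yourbank.com/help">Help</a>')
if __name__ == "__main__":
    print(check_links(SAMPLE))
```

A link to a subdomain of the name shown in the text (for example login.yourbank.com shown as yourbank.com) is not flagged, while a shown name that merely appears inside a longer, different domain is.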