Friday, September 3, 2010

Avoid “phishing” attacks


For many people, shopping online is a new experience, but the internet can be a very dangerous place.
For increasingly busy people who may just pop online quickly to check email, it can be very dangerous.

People tend to get “accustomed” to the type of email they receive: MySpace updates, chats with friends, ticket confirmations etc.

Thieves are openly trying to capture personal information and they do it like this.

Firstly, they will collect as many email addresses from online forums, blogs etc. as they can find. There is even specific software to “harvest” these addresses.

The object of the exercise is to lure the recipient into revealing sensitive information. This may include passwords and credit card information.

No one will knowingly give those details away so the scammers have to be clever.

An email is sent which deliberately tries to jolt the recipient into action by making them temporarily lose control of their senses and do something they wouldn’t normally do.

Some examples could include:

You are due a tax refund
You have received an instant payment
Your PayPal account has been compromised

In each case, the user may be asked to log in and confirm their details.

Or “questions” from eBay users, including:

“Is your Sony laptop still for sale?”
“Why have you not sent my goods? I will report you to the police”

Of course, they bank on the recipient immediately panicking, leaving their normal senses aside and jumping straight online.

Now the scammers are quite clever, and they may have either “spoofed” the “from” address to make it look as if the email has come from where it says, or formatted the email in the corporate layout of the organisation concerned. (PayPal is blue and black; eBay is yellow, green, red & blue etc.)

Of course, the website the user is diverted to is a copy of the real one, and the scammers may even have registered a similar domain such as

nameofbank-complaints.com

How to spot a fake email and what to do

There are some telltale signs that the email is not genuine, and these include:

The recipient’s own name may not be shown in the “to” field at the top of the email. It may just be addressed to customer@bankname.com

This is an indicator that the email has been sent to hundreds if not thousands of recipients.

The text of the email may be in poor English and may contain spelling mistakes. The scam may have originated in a non-English-speaking country. The marketing departments of large corporations would not have made such mistakes…

The address the link will take the user to is shown at the bottom of the screen BEFORE the user clicks, and it is unlikely to have anything to do with the institution.

If you use an antivirus product like Kaspersky, it may pick up that the email content contains a virus or that a link within it goes to a known fraudulent website.
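Two of the signs above, the generic “to” field and the link that goes somewhere other than the institution, can be checked mechanically. The Python sketch below is an added example, not part of the original post; the sample message, the recipient address alice@example.org and the trusted domain bankname.com are constructed placeholders.

```python
import email
import re
from email import policy
from email.utils import getaddresses
from urllib.parse import urlparse

# Constructed sample message (not a real email); every name is a placeholder.
SAMPLE = """\
From: "Bank Name Security" <security@bankname.com>
To: customer@bankname.com
Subject: Your account has been compromised
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Dear customer, please <a href="http://nameofbank-complaints.com/login">log in
at www.bankname.com</a> and confirm your details.</p>
"""

HREF = re.compile(r'href="([^"]+)"', re.I)

def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, my_address, trusted_domain):
    """Return a list of warnings for the telltale signs described above."""
    msg = email.message_from_string(raw, policy=policy.default)
    warnings = []
    # Sign: the recipient's own address does not appear in the "to" field.
    to_headers = [str(h) for h in msg.get_all("To", [])]
    to_addrs = [addr.lower() for _, addr in getaddresses(to_headers)]
    if my_address.lower() not in to_addrs:
        warnings.append("not addressed to recipient: " + ", ".join(to_addrs))
    # Sign: the real destination of a link is not the institution's domain,
    # whatever the visible link text claims.
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part is not None else ""
    for href in HREF.findall(body):
        host = urlparse(href).hostname or ""
        if not belongs_to(host, trusted_domain):
            warnings.append("link goes to " + host)
    return warnings

if __name__ == "__main__":
    for warning in check_message(SAMPLE, "alice@example.org", "bankname.com"):
        print("WARNING:", warning)
```

The suffix check requires a dot before the trusted domain, so a lookalike such as nameofbank-complaints.com, or a host that merely contains the bank's name, is not treated as the bank's own site.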

What to do

The best thing to do with these emails is to just send them to the trash. Replying or clicking any “unsubscribe” link will just confirm that the email address is “live”.

You can forward them to the relevant complaints department at PayPal, eBay etc., but it is most likely that someone else will have already done it…
