Don’t Let Scammers Take You on a Phishing Trip
Since most of us in Houston have increased our online shopping habits in the past few years and since many of us will increase our online shopping in the near future, I thought a good subject to tackle this week would be phishing. For those of you who are unfamiliar with the term, we are not talking about fishing with an “F.” That kind of activity involves going down to the lake with a favorite beverage. I am talking about phishing with a “PH”.
Phishing (sometimes called spoofing) is the process of attempting to get sensitive information such as credit card numbers, Social Security numbers, usernames and passwords by posing as a reputable source. On the internet, it may come in the form of an email that appears to be from a well-known and trusted company. This email may say something like, “…we need to confirm your password” or, “…we need to verify your account” or something similar. They may also try to pressure you to respond by indicating that your account will be closed within 48 hours if you do not reply. This is fraud, and you need to be careful when sifting through these messages.
Here are three general rules to help protect yourself from phishing:
1. Reputable companies will NEVER ask you to provide any of this information online. If you receive a message but are unsure of the legitimacy, call the company directly. Find the company phone number from an independent source other than the email and ask if they have tried to contact you.
2. Look carefully at the return address of the email and the links provided within the text. Fraudulent email return addresses and links may look official, but they usually vary slightly. For an example, we will create a fictitious company and website. We will call it www.jordanswebsite.com. Because the domain name is jordanswebsite.com, all valid email and links should include that exact domain name.
Example: customerservice@jordanswebsite.com
Fraudulent email and links might look very similar, but the domain name will often vary.
Example: customerservice@reply.jordanswebsite.com or www.fr.jordanswebsite.com or www.jordanwebsite.com
3. Lastly, if there are any graphics within the email, look at them closely. Phishers can be quite sophisticated in their techniques, but many churn out thousands of emails every day and don’t spend much time on graphics. They will often cut-and-paste them from the legitimate company website. If the logos, pictures or artwork look grainy, squashed or stretched, it could be an indicator that the email is not from a valid source.
Bear in mind that none of these tips are absolute indicators of fraud. If you are unsure, call the company directly and make sure that you get their number from an independent source. Phishers often set up their own phone lines and include these numbers in their email.
Online shopping can be a great supplement to your regular shopping routine. Take the extra time to make sure that you are visiting legitimate websites and sources. Use due diligence and a discerning eye when responding to email. When in doubt, call the company.
Jordan Rzad
Internet Marketing Coordinator
The Better Business Bureau of Greater Houston and South Texas
