{"id":372,"date":"2015-11-03T13:06:56","date_gmt":"2015-11-03T13:06:56","guid":{"rendered":"http:\/\/www.ahbsolutions.co.uk\/blog\/?p=372"},"modified":"2017-03-29T14:03:00","modified_gmt":"2017-03-29T14:03:00","slug":"online-phishing","status":"publish","type":"post","link":"https:\/\/www.ahbtraining.co.uk\/blog\/2015\/11\/online-phishing\/","title":{"rendered":"Online Phishing"},"content":{"rendered":"<p>Online phishing (pronounced like the word <span class=\"newTerm\">fishing<\/span>) is a method used by tricksters and fraudsters to gat you to reveal personal or financial information. This is done using a fraudulent email or website.<\/p>\n<p>Most common phishing scams start with an email message that looks like an official email from a trusted source, for example a credit card company, bank, or online retailer. In these messages the recipient is directed to a fraudulent website, this has been designed to look like the actual website of the bank, credit card company, or retailer. On the website the recipient is then asked to provide personal or financial information, which can be used for identity theft, or accessing the recipient&#8217;s bank account.<\/p>\n<h1>Recognising Phishing Scams<\/h1>\n<p>Phishing scams either offer some type of enticement, or threat to get you onto the fraudulent website. It&#8217;s easier to identify these before going onto the website, than deal with the consequences. Here are some tips to help you recognize a phishing scam.<\/p>\n<ul>\n<li>When the offer seems too good to be true, it probably is.<\/li>\n<li>When asked to send personal or account info (like your user name and password, your date of birth,\u00a0or bank info) by replying to the email.\u00a0Legitimate companies will never ask you to provide this sort of info via email, they will ask you to go to their website to sign in and update your info there.<br \/>\n<strong>Warning<\/strong>: In suspicious-looking email, never click links that supposedly take you to a company website. The sender might be spoofing the website (providing their own fake version) to collect your sign-in info. When in doubt, go to the website using favorites, search for the true website, or by entering the\u00a0web address\u00a0in the address box.<\/li>\n<li>When the sender\u2019s email address has an overseas domain. For example: someone@example.uk.co, @example.ru, or @example.ng.<\/li>\n<li>When the sender&#8217;s email address has a domain that&#8217;s a string of seemingly random numbers and or letters. For example: @Wbg67TY.com.<\/li>\n<li>When the sender\u2019s name in the header doesn\u2019t match the sender&#8217;s email address.<\/li>\n<li>When the tone is personal and confidential, but it looks like a group email, with a generic greeting. For example: \u201cDear\u00a0 Customer\u201d, \u00a0\u201cDear\u00a0 Sir or Madam\u201d, &#8220;Dear valued Customer&#8221;, and so on<\/li>\n<\/ul>\n<h2>Some\u00a0common types of scams<\/h2>\n<p>Here are some of the most common types of scams, with additional clues on how to recognize them.<\/p>\n<h3>Verify your account now or we&#8217;ll close it!<\/h3>\n<table>\n<tbody>\n<tr>\n<td>The scam:<\/td>\n<td>\u00a0You get an email that looks like it&#8217;s from your bank, or an e-commerce service like PayPal or Ebay, or from your email provider, warning that your account will be suspended or closed unless you \u201cverify\u201d your account by replying with your account info.<\/td>\n<\/tr>\n<tr>\n<td>What the scammer wants:<\/td>\n<td>\u00a0In the case of bank or e-commerce scams, they want your personal info so they can steal your identity, empty your bank accounts, and run up charges on your credit card. If it\u2019s supposedly from your email provider, the scammer wants your email account user name and password so they can hack your account and use it to send out junk email.<\/td>\n<\/tr>\n<tr>\n<td>Additional clues that it\u2019s a scam:<\/td>\n<td>\u00a0It demands an urgent reply (for example, \u201cYou must verify within twenty-four hours\u201d). This gives you little time to research if it\u2019s legitimate.<\/td>\n<\/tr>\n<tr>\n<td>Actions you can take:<\/td>\n<td>\u00a0First and foremost, do NOT reply with any personal or account info, matter how dire the warnings sound<\/p>\n<ul>\n<li>If it&#8217;s a bank or e-commerce site, contact the company\u2019s customer service via phone or online to see if the email is legitimate.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>A large sum of money can be yours, just send your personal info\u2014or some cash<\/h3>\n<table>\n<tbody>\n<tr>\n<td>The scam:<\/td>\n<td>There\u2019s money sitting in some account that some official-sounding person wants to share with you. All you have to do is send him your personal info or some money<\/td>\n<\/tr>\n<tr>\n<td>What the scammer wants:<\/td>\n<td>Sometimes they just want you to send them money. Other times they want your personal info so they can steal your identity, empty your bank accounts, and run up charges on your credit card.<\/td>\n<\/tr>\n<tr>\n<td>Additional clues that it\u2019s a scam:<\/td>\n<td>\n<ul>\n<li>Any deal that involves an international bank, or where you have to send your info or cash overseas should be highly suspect.<\/li>\n<li>There\u2019s often an element of larceny. Maybe the money isn\u2019t really yours or theirs, but the rightful owner is dead, or a corrupt official, or some faceless company who will never miss it. Or the money is supposedly yours, but some other party is trying to steal it.<\/li>\n<li>If there\u2019s anything at all suspect about the deal, or if you don&#8217;t understand why someone you don&#8217;t know is making you (out of all the people in the world) this offer, you can bet that you\u2019re being conned.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>Actions you can take:<\/td>\n<td>First and foremost, do NOT reply with any personal or financial info, matter how tempting the offer sounds.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>You&#8217;re our big winner!<\/h3>\n<table>\n<tbody>\n<tr>\n<td>The scam:<\/td>\n<td>Congratulations! You just won the lottery! Or you were entered in a Microsoft sweepstakes and you\u2019ve won the jackpot!<\/td>\n<\/tr>\n<tr>\n<td>What the scammer wants:<\/td>\n<td>\u00a0Your personal info so they can steal your identity and empty your bank accounts.<\/td>\n<\/tr>\n<tr>\n<td>Additional clues that it\u2019s a scam:<\/td>\n<td>\n<ul>\n<li>You were entered in the lottery or sweepstakes without your knowledge or permission.<\/li>\n<li>They ask for your bank info so they can make a direct deposit.<\/li>\n<li>The purpose of a sweepstakes is so the company can gather personal info via the form you fill out when you enter. They then sell that info or use it to market their products and services to you. No legitimate sweepstake needs you to give them your info\u2014you already did.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td>Actions you can take:<\/td>\n<td>First and foremost, do NOT reply with any personal or financial info, matter how tempting the offer sounds.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h4>Help! I&#8217;m stranded<\/h4>\n<table>\n<tbody>\n<tr>\n<td>The scam:<\/td>\n<td>\u00a0A friend of yours is on vacation and got stranded. They need you to wire them some money, fast!<\/td>\n<\/tr>\n<tr>\n<td>What the scammer wants:<\/td>\n<td>\u00a0For you to send them some money<\/td>\n<\/tr>\n<tr>\n<td>Additional clues that it\u2019s a scam:<\/td>\n<td>This one can be tougher to spot. Typically, the scammer has hacked your friend\u2019s email account and sent this \u201cemergency\u201d email to your friend\u2019s contact list. The sender email address will be legitimate. The salutation might even be personal (\u201cDear Joe\u201d) but is the email really from your friend?<\/td>\n<\/tr>\n<tr>\n<td>Actions you can take:<\/td>\n<td>\u00a0Before you do anything else, stop and do a reality check.<\/p>\n<div>\n<ul>\n<li>Pick up the phone and call your friend. If you can\u2019t get a hold of them, try contacting mutual friends.<\/li>\n<li>Ask yourself the following questions:\n<div>\n<ul>\n<li>The email probably says they are desperate and don\u2019t know where else to turn, but do the two of you have the sort of relationship where they would turn to you for such a request?<\/li>\n<li>Did they say anything to you earlier about taking a trip?<\/li>\n<li>What\u2019s the likelihood of your friend being in the situation the email claims they are in, of doing whatever the email claims they have done?<\/li>\n<li>Does it sound like your friend?<\/li>\n<\/ul>\n<\/div>\n<\/li>\n<li>Unless you can contact your friend or a reliable mutual friend by some method other than email, you should probably assume it&#8217;s a scam. Report it as My friend&#8217;s been hacked (see above).<\/li>\n<\/ul>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>&#8220;If you (don\u2019t) forward this email, something (bad) good will happen!&#8221;<\/h3>\n<table>\n<tbody>\n<tr>\n<td>The scam:<\/td>\n<td>Forward this email and you will be sent \u00a3500! Forward this petition to keep emailforfree.com a free service!<\/p>\n<p>OR<\/p>\n<p>Warn all your friends about this scary computer virus!<\/td>\n<\/tr>\n<tr>\n<td>What the scammer wants:<\/td>\n<td>\u00a0To watch their hoax go viral and brag to their spammer friends.<\/td>\n<\/tr>\n<tr>\n<td>Actions you can take:<\/td>\n<td>If it\u2019s about a computer virus or other security threat, go to the website for your antivirus software and look at the latest threat info.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Help protect yourself from phishing scams<\/h2>\n<p>You might receive email that seems legitimate, but is actually a phishing scam\u2014an attempt to get your personal info or steal your money.<\/p>\n<ul>\n<li>Never reply to an email that asks you to send personal or account info.<\/li>\n<li>In suspicious-looking email, never click links that supposedly take you to a company website. The sender might be spoofing the website (providing their own fake version) to collect your sign-in info.<\/li>\n<li>Never open any file attached to a suspicious-looking email. It might contain a virus or other malware.<\/li>\n<li>If the email claims to come from some company, contact the company\u2019s customer service via phone or online to see if the email is legitimate. You can also forward the email to the third party\u2019s abuse or fraud department.<\/li>\n<li>Go to a hoax-debunking website like <a href=\"http:\/\/go.microsoft.com\/fwlink\/p\/?LinkId=386384\" data-id=\"ID0EBBDBBHBBA\">snopes.com<\/a> and search on the email\u2019s subject.<\/li>\n<li>Resist the urge to respond, even to taunt or chastise the sender. You\u2019ll just confirm that your email address is valid, and end up getting more junk email.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Online phishing (pronounced like the word fishing) is a method used by tricksters and fraudsters to gat you to reveal personal or financial information. This is done using a fraudulent email or website. Most common phishing scams start with an email message that looks like an official email from a trusted source, for example a &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/www.ahbtraining.co.uk\/blog\/2015\/11\/online-phishing\/\">Continue reading<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[19],"tags":[109,121],"class_list":["post-372","post","type-post","status-publish","format-standard","hentry","category-security-3","tag-phishing","tag-security-2","item-wrap"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/posts\/372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=372"}],"version-history":[{"count":1,"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/posts\/372\/revisions"}],"predecessor-version":[{"id":424,"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/posts\/372\/revisions\/424"}],"wp:attachment":[{"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ahbtraining.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}