They’re Phishing and You Could Be the Fish

Years ago in small towns, the “Gone Fishing” sign might be posted on a business indicating the owner had left for the local fishing hole. Today, with an insidious change of spelling, that same phrase signals the hacker ploy of landing phish — you — and your private information so they can drain your accounts and leave you high and dry.

Not a simple criminal campaign, phishing is a massive drain on the economy with an impact of about $5 million estimated annually. Even if you, the victim, are protected by credit card and other regulations, the time involved to undue the problem can take weeks to resolve.

Trust No One and Verify Everything

Much of our lives are conducted online. We handle our banking, our work, our contact with friends and family online. So, it comes as no surprise that scam artists play on our need to respond online when they pose as trusted authorities from our banking and other institutions.

Here are some ways to throw the “bait” back and not succumb to the very slick approaches the phishing scams attempt to lure you in with:

Review Everything With a Skeptical Eye

If you receive an unusual email from a source you don’t usually receive emails from — be it a credit card company, bank, or even a school, beware! Obviously, the scammers have gotten access to some information on you and are attempting to build on that information to solidify their access to your accounts. Even without trying to attract attention, people can unwittingly become victims.

A widow who had purposefully notified only friends and family of the death of her husband found her bank accounts attacked. She had not placed a death notice in the paper or sent public notices. She surmised that either through an announcement via Veterans notices or the funeral home that the scam artists surveyed, the phishers found a way to access her accounts. In the middle of her grieving, she had to deal with closing all of her accounts and spending time on paperwork.

Be careful and spend a moment, especially if the form or letter is requesting updates in your information. Unless you’ve initiated the contact by going to your organization’s website yourself, not as a referral from the link in the document you received, be wary. The sneaky phishing scam has probably set up legitimate sounding phone connections and links that take you to close-enough looking websites to keep the scam going. They’re making so much money with their scams, they can afford to spend the money to con you!

Watch out for Authentic Looking Documents

No matter how poorly our English is in writing these days, banks and other institutions do proof their documents. The letter you’re seeing may have an insignia or logo that seems identical to the real company you’ve been affiliated with for years. But, you notice that things seem a bit off. Maybe there’s a misspelling — in the logo’s slogan, or within the letter. The item is not cleanly presented on the page. Look for other items that don’t appear authentic.

Do Not Enter Your Information Into Websites

If you’re entering contests, resist the urge to enter more than your basic name, address, and phone number. Perhaps have a special email that you use only for that purpose to separate out the flood of marketing you might receive as a result of your hope for wish fulfillment.

Beware When Phone Solicitors Engage You in Their Phishing Expedition

The people who call you can be so slick, they’re hard to resist. They have a worthy cause or a free trip or a request to update your information that just sounds so real! You want to help them — or benefit from the freebies! It’s human nature. So, be cautious. Ask them for a number to call back on. They don’t want you to call back. Ask questions. Ask for a reference of someone who has contributed with a phone number. They don’t want you to question.

At a tourist spot, a chatty waiter asked where the couple was staying. They indicated which hotel they were at and, when paying, they used a credit card. Early the next morning, a very polished phisher called, claiming to be the hotel’s accounts person. They had a problem with the credit card you had given to the hotel. Could you please share your information and provide an alternate id? Of course, you complied! Within several hours, hundreds of dollars of phone cards were charged in your name. After checking back with the hotel manager, he denied having such a person on staff — all his accounts people were females and no one would have been working the hour the scammer called. Lesson learned!

Don’t take the bait! Don’t be free with offering formation. Don’t be the phish they land!