How to Recognize Phishing
By Cindy Tewalt, NAAP Financial Director
Perhaps you have noticed more activity in your spam box? Or perhaps emails have ‘snuck past’ your email and you have been targeted by “phishing”. “Phish” is pronounced just as it spelled and sounds just like “fish”. It’s an interesting word and as in fishing, it is the intent to throw a bait out into the water and hope something bites. That’s exactly what Phishing is…. scammers throw out the bait (an email or text) and hope that you will bite (by replying or clicking). Scammers try to use email or text messages to trick you into giving them your personal information. They want your passwords, your Social Security number and account numbers. And they want you to send them money or items. And they want to engage in ‘conversations’ in order to get closer to getting this information.
Here is what you need to know in order to recognize a Phishing scam:
- The email will look like they are coming from a company that you know or trust. But you can see the email is a bogus. For example office@naap.info is legit, but office@naap.com is not, nor is office@naap.us.info. Looking close is the key.
- They can look like a they are from a bank, a credit card company, an online store, or a social networking site.
- The goal is for you to click on a link or open an attachment. They may say there’s a problem with your account or your payment. They may attach a coupon that offers free stuff and want you to click on that link.
- They create a story that appeals to your emotions. Someone needs assistance and they want you to help. They may want you to send gift cards or money. And it is usually a sad story to appeal to your willingness to help someone in need.
- The message often takes on the identity of a trusted entity such as a company, organization and yes, a person within that organization. And these scammers are tricky as they often use the identity of a person of authority in that organization such as the President or the Treasurer.
I want to caution you to be aware when you receive emails that look suspicious coming from anyone on the NAAP Board, specifically those who carry titles of decision making (ie President, Treasurer). This is a very common ‘trick’ that hackers use as they peruse websites, looking for key words and grabbing their name and transposing into an email that often requires action… most likely financial action.
Here are some guidelines to keep you protected:
- Watch for suspicious emails. Often the grammar is questionable, although these scammers have gotten better at the English language.
- Know that no one from NAAP will ever ask you to send them money. Or gift cards.
- Never click on them or anything that may be attached.
- Never reply.
- Delete and preferably put ‘mark as spam’ or junk as your computers/email allows.
- If you don’t know if it may be true, click on the address and see where it comes from.
- If you still question if it is real, go to the web and find their actual website and make contact through the website.
Again, this is unfortunately a common occurrence amongst website contacts. And these are most likely programs that have been written by these despicable scammers. So it’s unlikely they are manually sitting at a computer looking at websites to see who is out there ready to be scammed by using something they personally found on the web. These scammers have sophisticated software programs they have developed. And unfortunately, they have had success in scamming people, thus making it well worth their time. Another way they do it is to buy emails from other scammers. Those emails were pulled off lists that were hacked. It is a frustration for us but if we know what we are looking for and cannot fall for their scams, we can avoid being caught by their bait.
Be wise and pause before clicking anything! Don’t get caught!
Here is some great free training that will keep you safe! https://edu.gcfglobal.org/en/internetsafety/