ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Phishing Trip: Avoid the Scammer's Net

Updated on November 7, 2017

Who is catching whom?

Source

I was recently targeted by a phishing scam.

That doesn't make me "special" in any way, because these types of scams, seeking tidbits of information, are sent out by the millions.

It caught my attention because it looked very familiar. I DO have an account with that particular company, and I do get occasional emails from them. So do thousands of other people.


Phishing is a deceptive scheme, usually conducted through emails, to steal personal data, like card or account numbers, passwords, or other information. An identity thief only needs a few info-bits to score a bundle of cash and mess up your life.

What does a Phishing Scam Look Like?

When I woke up that Saturday morning, one of my emails seemed to be from a large American bank where I had an account. The graphics were all perfect and familiar, but it had a few suspicious qualities.

1. It was addressed to an email address that I don't use anymore.
The old address still works, and it is very similar to the new one, but my internet provider changed its email address a couple of years ago.

2. It was sent an an early hour in the Pacific Time Zone which would have been before 6 am on the East Coast of the USA on a Saturday.

It is possible that a large corporation might use automated systems, that could kick in at any time, but it seemed an odd hour to be sending. (The time in the subject line was actually marked 8 hours later, in bold type, but the time stamp indicated otherwise.)

3. It addressed me by my email name rather than my real name. (Sometimes these things may come with a greeting that says: "Dear Customer" or "To Our Valued Customer".) It should have had my real name.


4. It said this:
"We would like to inform you that we have released a new version of (name of bank) Customer Form. This form is required to be completed by all (name of bank) customers.
Please follow these steps: 1. Open the form at
(I have not revealed the url link that was posted) 
2. Follow given instructions."


5. There were a couple of very minor wording peculiarities. American speakers would usually say "the" customer form and probably would not even use the phrase "customer form". Also, saying "follow given instructions" seems a little stilted and misplaced.

6. The url link (that I was supposed to click, and didn't) looked a little unusual because it was very long.

I will say that none of these things seemed blatently obvious at first, but I knew something was not quite right. I also knew better than to click on a link from someone I didn't know. The scammers challenge is to convince someone that the message IS from a known person or entity.

Source

Banks do NOT do this!

Financial institutions do not email you asking for personal or account information especially through email links.


They might ask you to go to your online account where you have to enter your user name and password and perhaps identify a key and answer a question before you can access information, receive special updates or make any changes.

I notified the bank customer service and they responded quickly-- asking me to forward the mail to their abuse department (which I did) so they could track down the perpetrators.


They came back and said it was, indeed, a phishing scam, and since I had not followed the link or responded to it. I was OK.

This bank sends me occasional alerts, for situations which I have previously approved and selected. I have authorized them to notify me when certain unusual activity has been noted, and when a card payment is due.


If you get a possible scam message purportedly from a bank or company you know, DO NOT FOLLOW ANY LINKS from the email. Contact the firm by going to your account on their site.

As in my case, they will probably want the suspect message forwarded so they can pursue the perps. They will track down the phishers as quickly and efficiently as possible.

If it is a legitimate message, don't worry. They would always rather see people being cautious and careful.

Time to be Alert

Be alert to these kinds of activities. Whenever banks, brokerage firms and large companies are merging or failing, scammers have a perfect opportunity to convince the unaware, that their personal account information needs to be "verified", "updated" or "changed".


You will hear about businesses being sold, going into bankruptcy, or being on the verge of collapse. You may hear from scammers that you MUST contact them IMMEDIATELY to avoid DISASTER.


Don't fall for it. Always check these kinds of messages by going to your own pasword-protected account and ask them to verify any request.

They can get info WITHOUT your click!!

Email scammer are getting more sophisticated every day. The little glitches I noticed, may not appear in the next phishing message you get. Some smooth operator is going to get one of these almost right, and it might be the next one to come your way.

Remember that email is not a secure form of communication.

  • Don't share passwords, account numbers or other sensitive information by email.
  • Don't be drawn into "surveys" that sound benign. They can be looking for personal details about you.
  • Don't respond to links posted in a message that asks for "updates" or tries to panic you into taking "immediate action". They will even threaten to close your account in an attempt to steal from you.
  • If you DO get caught in a phisherman's net, notify company authorities immediately.

Be safe, be sure of where your information is going, even if the request looks trustworthy. Remember this can also happen by pop-up messages or even cell phone messages.

View the video above to see ways they can get to you even without your reply.

Comments

    0 of 8192 characters used
    Post Comment

    • Rochelle Frank profile imageAUTHOR

      Rochelle Frank 

      9 years ago from California Gold Country

      Yep, they are getting smarter. We have to do the same. Those URL's can be quite similar, it's all in the details.

    • KCC Big Country profile image

      KRC 

      9 years ago from Central Texas

      I got an email very similar to the one you described just minutes ago.  It looked very legitimate with the proper bank logos, etc.  When I clicked on the link I noticed the long url that made no reference to the bank at all.  It was wanting my ID and password to login. Ha ha ha....no way, Jose!  I forwarded it to the bank's abuse department.  That had phishing scam written all over it.  But, I have to admit, it was the best one I've seen so far.

    • KT pdx profile image

      KT pdx 

      9 years ago from Vancouver, WA, USA

      I actually got a phishing scam by phone the other day! I asked "too many" questions, and they hung up on me. Great hub!

    • Rochelle Frank profile imageAUTHOR

      Rochelle Frank 

      9 years ago from California Gold Country

      Yes, I had to read it a couple of times. The graphics were perfectly lifted from the original bank site.

      The thing that stood out most was a request to respond to their link. I had already had enough messages from this bank to know that they had never done that before. It made me take a closer look.

      As I said, somebody is getting better at doing this.

    • LondonGirl profile image

      LondonGirl 

      9 years ago from London

      Most of the phishing emails I get are in seriously bad Nigerian English, yours was pretty good!

    • Teresa McGurk profile image

      Sheila 

      9 years ago from The Other Bangor

      Good advice.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)