What is Phishing?
Phishing is fraudulent behavior that involves trying to get information from you, often posing as a company or product.
These are scams that typically involve links to fake websites within emails or SMS – Text messages. We have even seen them in social media giants news feeds, or private messaging apps where people post a picture of a video with the line “I seen you today” or something similar. They will attempt to get users to enter personal information, like email addresses, login credentials, and other sensitive information by posing as an authentic website requesting you to login to your account which results as an error when trying to login. It’s an essential part of the scam that these links appear to be from legitimate sources.
Emails may also contain malware that, once opened, installs itself onto a browser or a hard drive without you knowing, this is why most email programs don’t allow images or documents to be immediately seen – you must approve them to be opened. This code hides out on your device, quietly collecting and sending usage data over time, and impacting your computer’s overall functionality.
Common Phishing Attacks:
A phishing email is a fake email that appears to be from a legitimate source (such as a financial institution or a shipping company).
They are often urgent or threatening in tone, and prompt you to download an attachment or click a link that leads to a fake website. One frequent scenario is “Your package is ready for pickup”. If you’re not expecting a package, then you should be aware of the potential threats that await. These will usually install malware on your device or elicit sensitive personal information.
Similar to email phishing, SMS – Text phishing (or “SMishing”) sends the target an SMS (text) message, often promoting some-sort of contest, offer, or sweepstakes that trick the receiving person into clicking the link. Clicking the included link in a SMS phishing scam results in the same dangers mentioned above – and even more scary, is if this is installed on your phone then they will have access to your pictures, contacts, password and more!
Phishing by phone
With phone call phishing call scams, you’re contacted over the telephone by someone impersonating a bank manager, tech employee, or a representative from a trusted organization (a bank or law firm, etc.). They will typically try tricking you into sharing confidential details over the phone such as PIN codes, bank account numbers, passwords, contact information, and security questions.
What to do if you’ve been scammed?
If you think you’ve been the victim of a phishing scam:
- Change your passwords. Your computer, financial institutions, and any other password-protected websites you visit should be updated.
- Run a full system scan for viruses on your computer.
- Contact your bank to report that you may have been the victim of fraud.
- File a complaint with the appropriate anti-fraud bureau:
USA: Federal Trade Commission (FTC)
Canada: Canadian Anti-Fraud Centre