What are Email and Phishing Scams?
Phishing is a type of scam that implores people to divulge sensitive information. Phishing and email scams have been around for years, but they are not easy to eradicate. As the internet becomes more sophisticated, so do the scams. They may appear to come from a trustworthy organization, but ultimately, they cannot be trusted.
Phishing scams are not just limited to email. Much of the phishing job seekers face is done via human to human interaction. Fake employers may seek to extract personal information from job seekers by phone or chat, appearing to impersonate a legitimate company. They will ask for personal information or supply a direct link over to the chat article.
As reported by NPR, in 2016 alone, phishing accounted for nearly 15,000 reported scams wherein fraudulent phone calls were made under the false guise of the IRS. However, individuals are not the only ones affected by phishing scams. Companies are also targeted, with up to 85% of organizations having reported being scammed over the last 6 months, according to ScamWatch.
How do Email and Phishing Scams Work?
Phishing scams often invade your inbox, disguised as an opportunity that should be taken advantage of with great urgency. These emails will usually include a “link” to click for more info or to “collect your reward.” Once clicked, the scammer will gain access to the account and/or profile of the user. Someone may contact you via email, text, or social media message asking you to provide or confirm personal information. Once you have given your account number, PIN, or Social Security Number, it will be used fraudulently. Most often, the purpose of phishing scams is to con people out of their money. In some lesser-known cases, unscrupulous individuals employ phishing scams just to violate and exploit the privacy of others. In any case, email and phishing scams have proven to be troublesome for the target, as it can compromise one’s privacy, finances, credit, and reputation.
How to Spot Scams
One of the major keys to spotting a phishing scam is to understand that they may appear to be normal. Email scams do not always look big and scary, but the impact they can have on your career, finances, and credit can be severely damaging. Once you understand that a phishing scam can appear normal, you must then look for irregularities. For example, are there grammatical errors in the email? Large companies, like banks, often send out generated emails that have been revised several times over and will rarely contain typos. If the request contains typing errors, it may not be reputable.
Also, look for reduced function in your browser or computer. In many cases, phishing scams are connected to malware (malicious software used to carry out scams) that can cause your browser pages to load unusually slow, create pop-ups, or generate icons on your desktop that were not there before you received the email.
In some cases, spotting a phishing scam is as simple as knowing about scams that have taken place in the past. A recent report from the U.S. Department of Justice states that more than 40 women throughout the nation were being targeted by an Alabama man using phishing scams to gain access to their accounts and devices. The man was said to have been employing common yet effective methods to gain such access and was given a 6-month jail sentence. In another recent case, WTSP reported that a Tampa woman alerted authorities about an email she received from someone claiming to have been hired to kill her. The alleged culprit offered to abort the mission if they received $10,000. This scam, like many others, played on the fear of the target and was used to victimize more than 100 Florida residents.
While some scams rely on fear to exploit people, others rely on more mundane tactics to fraudulently obtain information. Gmail users were still ushering the new year in when emails were sent containing an image of an attachment that linked users to a fake login page. Users would then enter their Gmail credentials, unknowingly granting the phishers access. Although much less alarming than getting an email about a potential attempt on your life, these scams are just as scary because it may take longer to realize that the login page is fake and the risk of being exploited is real.
How to Avoid Email and Phishing Scams
It may feel like these types of scams are inevitable but there are effective ways to avoid them. Avoiding email and phishing scams can be as simple as 3 steps:
1. Do not open attachments or access links that implore you to enter personal details. Most reputable organizations, such as banks and the IRS, will not ask for this information via email.
2. Check the left-hand corner of the URL bar at the top of your browser. Safe, encrypted websites usually include a symbol that looks like a padlock or a web address that starts with ‘https:’. If you do not see either of these, do not proceed to the website as the encryption cannot be verified.
3. Learn from the mistakes of others! Conduct a quick web search to find hundreds of message boards where people report phishing scams. Although scams can be clever, they are rarely original. Use your findings on the internet to identify similarities between scams other people have reported and the messaging that has been sent to you. Chances are that someone else has already encountered the same scam that someone is trying to run on you.
How to Report Email and Phishing Scams
Once you recognize that you have dodged a phishing scam, it is important to report it. Reporting a phishing scam not only helps others to avoid similar scams but also helps authorities gain information about phishing scams and how to prevent them.
As you may have found from the internet search you conducted to avoid the scam, there are several agencies that accept reports of phishing scams. In 2004, the Federal Trade Commission, or FTC, launched an email address (Spam@uce.gov) that consumers can access to report phishing scams. The FTC is also a useful resource for learning about consumer rights and what efforts the federal government is making to prevent phishing scams.
Another way to report phishing scams is to contact the United States Computer Emergency Readiness Team at firstname.lastname@example.org or the Internet Crime Complaint Center. The Complaint Center produces a form that asks for the target’s information, financial transactions that took place as a result of the scam, a description of the incident and other pertinent information. This form can be completed and submitted even if the phisher was not successful in obtaining your information.