Become a Cyber Sleuth - Beware of ID Theft ScamsAugust 14, 2016
Every time you check your email your inbox is just waiting to become a crime scene. Cyber criminals may be lurking there, hoping to steal your passwords, your personal and financial information, or to take control of your computer or files. Their “phishing” scams use different kinds of bait to get you to click on a malicious link in an email. Either they tend to offer something very exciting or they try to make you think that the email is routine: an interesting link sent by a friend or a file that you were expecting.
The key to your privacy and safety is to look for clues before you click on any email link. And once you hone your detection skills, you may find that cyber sleuthing is fun. Here are six ways to spot phishing emails:
- Does it promise something sensational? There really is no such thing as a free lunch. The government, Nigerian princes, banks . . . none of them are really handing out money by email.
- Does it make threats? The IRS will not threaten you by email, nor will courts send email threats about jury duty. If you’re not sure, look up the IRS web site (NOT by clicking links in the suspicious email), call them up, and ask.
- Did you initiate it? Don’t click on a link to track a shipment for something you didn’t order.
- Does it say “Bulk” in the subject line. Phishers send out thousands of emails counting on some small percentage of people to open them and take the bait.
- Is the domain name (the part after the “@” sign) in the email real? If you stop and look, you’ll find that there may be extra letters or other misspellings in what may look like the domain name of a legitimate organization.
- Is the URL behind the link legit? There may be misspellings here, or a strange URL may be hidden behind linked text, but you can see it by hovering over the link with your mouse before clicking through.
Here’s an actual email that showed up in our inbox. Let’s apply our sleuthing skills.
First of all, the offer is sensational and unsolicited. No one is going to give you $10,000 overnight, and certainly not without receiving a loan application. Second, the sender is unknown. The “Approval Department” of what? There’s no business logo, and if we enter the sender’s domain name, www.tastestree.com, in a browser window, we get a Server Not Found error. The subject line also contains “Bulk,” and when we hovered over the link in the message, we found it linked to a site called fouryellow.net, which is not a business or bank.