You think you know phishing?

You think you know phishing?. Even though computer users are getting smarter, and the anti-phishing tools they use as protection are more accurate than ever, the scammers are still succeeding. Lured with promises of monetary gain or threats of financial or physical danger, people are being scammed out of tens of thousands of dollars. Corporations lose even more - tens of millions. These cons continue to work because they have evolved to stay one step ahead of their marks, taking advantage of current events like the coronavirus crisis and. If they didn’t change, they would fail. And then their creators would be looking for a real job..

Deactivation scares. This is a lure that often works because nothing scares people into reacting quicker than a deactivation notice. You have probably gotten one of these. You probably got one today. Rarely a day goes by when we don't get an email pretending to come from an organization we might - or might not - belong to. It claims your account will be deactivated if you don't follow a convenient link, enter your logon name and password. and take immediate action - probably to update your credit card. These were once easy to spot. But these days, they look incredibly realistic. They might include real links to the company they claim to be from. They probably even include "Beware of scammer warnings or reassuring ""Scanned and Cleaned by “AV” notices. It's easy to ignore these phishes if you don't have an account with the companies they claim to represent. But if you do have an account, and you have recently moved or cancelled a credit card, you might assume you are taking care of business by dealing with this quickly..

Deactivation scares: The solution Every time you click on a link, look at the browser bar and see if matches exactly the one you would type in to go to your account. Better still? Make a habit of closing the email and typing the website address into your browser for anything like this..

Look-alike websites. If you followed a link like one from the last slide and looked at the website, you might have felt an instant moment of recognition and reassurance that you are in the right place. It has become very difficult to tell the difference between a phishing website and a real website. The fakes are accurate copies, and they contain the real website's URL as part of their own URL. But if you look at it carefully, you will see that the phish points to a different domain. But this is easy to miss when the website looks just like the real thing. This screenshot shows an example of a phishing email falsely claiming to be from a real bank. Customers of Sun Trust might well fall for this phish because the site looks comfortingly familiar, even though the URL is phony. Heck, even the financial institutions themselves cant always tell the difference. Equifax rather famously - sent out a link to faked version of its own site via Twitter in the aftermath of the its breach reveal. Twice!.

Look-alike websites: The solution. Website Description automatically generated.

Go directly to jail. Phishers know you have a guilty conscience and use it to snare you. Even if the thing you feel guilty about is not illegal, you can often be tricked into worrying that you have been caught. And nothing motivates someone to respond immediately and with uncharacteristic foolishness than the threat of jail. Thus, in the United States, phishing scams that use fake FBI warnings for illegal music downloading or watching pornography lead the way. Fake threats from the IRS for tax return issues are also very successful. These lures often come over the phone - perhaps to heighten the sense of urgency. If someone claiming to be the government is insisting you pay them money immediately this second, to avoid some horrible consequences, it's fake. Some people pay though they know they didn't cheat on their taxes, watch porn, or download music. They just want the warning to go away - it won't! - or assume someone else in the household is the culprit. Unfortunately, the fake penalty warnings that come in via email often deliver ransomware, which will completely lock up your computer until you pay..

"Government" threats: The solution. A picture containing text Description automatically generated.

Tech support scams. Graphical user interface, text, application, Word Description automatically generated.

Tech support scams: The solution. Text Description automatically generated.

Craigslist money scams. Fraudsters adore hunting for prey in personal ads and auction sites. But, by far, their favorite fishing hole is Craigslist. This isn't because these places are evil. It's because people show up at them, willing to click on links and exchange personal data and money On Craigslist, money scams happen in a variety of ways. But the most common one happens when you go there to sell. To your delight, a buyer appears immediately, offers to pay your full price - and shipping! That was easy. But it gets even better. They very trustingly offer to overpay if you will use their independent, trusted intermediary to handle payment and shipping costs. For this, they offer an overly large check. They ask you to remove your portion and forward the remainder to their intermediary. Two days later, your bank returns the check your buyer sent because it's bogus. Now you are on the hook for the fraudulent funds you sent off to the intermediary. Don't assume your bank verified the check when you deposited it. It doesn't..

Craigslist scams: The solution. Text Description automatically generated with low confidence.

Wire transfer scams. Graphical user interface, text, application Description automatically generated.

Wire transfer scams: The solution. Website Description automatically generated with medium confidence.