3 tell-tale signs you’re being “phished”
Spear-phishing is a new take on the more familiar “phishing” scams. With spear-phishing, you are directly targeted with information about yourself, so you believe the email is coming from a legitimate friend, acquaintance, or business you’ve dealt with in the past. The emails will often reference a mutual friend, a trusted company, or a recent purchase to make you feel more comfortable with the correspondence. These scams rely on your trust to gather personal information that can be used to gain access to your personal accounts, or garner information that can later be used to extract money or steal your identity. So, how do you stay safe from spear-phishing attacks? The first step is knowing what to look for.
They Ask for Financial Information
No company you’ve dealt with; from a local store to your bank, will ever ask you for your account information or password via email. This type of data is protected, and emails are not a secure way to share this information. Because of this, no business or financial institution will ask you to share this data via email. If you’ve received an email asking for passwords, account information, or credit card information from a business you’ve dealt with in the past, odds are you are the target of a spear-phishing scam.
These scams rely on familiarity to create trust. They utilize the information you’ve shared online to create that trust. To avoid becoming a victim, read emails carefully and never share sensitive data. To further protect yourself, experts suggest tightening up social media security settings to ensure only your friends can see what you are posting. This will help keep scammers at bay.
The Grammar is Off
Spear-phishing emails are often oddly worded or feel awkward when read. Because Spear-phishing relies on acting like a person or company you are familiar with, take note of the way the email is worded. If the email does not sound right or has a tone that is not in line with previous communication with the person or company the email purports to be from, it is likely a spear-phishing scheme.
Spear-phishers go to great lengths to learn something about you to ensure the email creates trust, but they often fail to word emails naturally or in the tone of a native speaker. This is a tip off that you are being phished. Experts suggest going back to previous correspondence if you can and checking the style and tones against each other if you aren’t sure about the legitimacy of the email. Experts also suggest calling the party directly to ensure the correspondence is from them.
The Timing is Serendipitous
Hackers know when people are at their most vulnerable. This is generally during the holiday seasons and when important events are occurring. Most recently, spear-phishing scams stole the W-2 forms of several employees from various companies. The emails were masked to look like they were coming from the CEO, and requested copies of the W-2 forms. Because the emails appeared to be coming from a trusted source and were timed around tax season, employees happily sent off their personal information without thinking twice.
Tax season is a common time for scams. Emails that allege to be from the IRS or from your employer are likely phishing scams. Avoid these scams by following up via phone to verify that information needs to be sent. The IRS will never email you looking for personal information, but if you do receive such an email you should report it.
Equal Housing Lender