Bernie's Blog

Phishing Anyone?

As part of our normal security training and review, we tested ourselves on our ability to spot phishing emails. We will give you an option below to check your own capability too! (The test is hard. I have had phishing training at least three times and I still didn’t pass the first time.)

So just what is phishing? 

Phishing is the fraudulent practice of trying to obtain financial or other confidential information via the Internet. The scammer sends users a fake email that looks like it was sent by a legitimate organization but contains a link to a fake website that looks like the real one. The confidential information the user enters on the fake website is then used to steal money or confidential information. Scammers phish because it’s easy to do, there are no geographic limitations, and it works! Phishing is also often done via a fake link sent by text message.

How do I know if an email is phishing? 

  • There is a link inviting you to update or confirm information, usually urgently. Often the email will indicate that your account is “on hold.”

  • The greeting is generic

  • There are typos or grammar mistakes

  • The email looks legitimate and appears to be from a company you do business with

  • It offers some refund or prize you have not requested

What can I do to reduce the chances of being caught in a phishing net?

  • Use security software on your computer and apply security patches when they are pushed to you

  • Automatically update your phone with security upgrades

  • Use multi-factor authentication where it is available

  • Back up electronic data to an external drive

  • Do not click on links in emails unless you are sure they are legitimate. Use other means to contact the company.

What should I do if I am caught in a phishing net?

  • If you think you have revealed confidential info, contact IdentityTheft.gov

  • Run a security scan on your computer and update your security software if needed

  • Change relevant passwords using the legitimate website, not a link in the email

  • Report the scam to the real website owner

  • Help others avoid the scammers:

    • If you got a phishing email or text message, report it. The information you give can help fight the scammers.

      • Step 1. If you got a phishing email, forward it to the FTC at spam@uce.gov and to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).

      • Step 2. Report the phishing attack to the FTC at ftc.gov/complaint.

Learn more here:  https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

Take the test yourself:  https://www.phishingbox.com/phishing-test

 

Lori

Charles Morell