“Hello? This is Stephen from Amazon. We’ve detected unusual virus activity on your computer. Your account has been locked and you need to remove them before you can regain access to your Amazon account. If you’ll follow this link…” Sound familiar? Or how about this one: “Good afternoon! This is William from Apple and we’re seeing unusual activity on your iTunes account. I’m going to need to remote in to your PC to make sure everything is OK.” Just as the fishing on the Emerald Coast is great, so is phishing in cyberspace.
For those that are new to the term, Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing, instant messaging, and text messaging, phishing often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site (source: Wikipedia).
This past week, we had a handful of calls from clients that received, and sometimes fell for, these exact lines listed above. One such scammer was able to direct the person to a Website that completely mimicked Apple’s support site. Please be aware that Microsoft, Apple, Amazon, and the other tech giants will not call you in this manner. Don’t fall for it!
Our human nature tends to trust anyone that speaks from a (supposed) position of authority. When someone that contacts you tells you they are from a well-known and respected technical company, it is normal to automatically trust that individual. This is exactly what phishers what to happen. They prey on those that are not suspicious by nature or catch those that are distracted and not thinking clearly.
If you ever receive an email or phone call from someone that is “Here to help!” – be on your guard. Be suspicious of anyone or anything that doesn’t seem right. If you feel there may be something legitimate to the message, research it independent of the contact.
For example, I have a particular credit card and once got an email telling me that card’s number was detected on the Darkweb. I was supposed to click on a link to enter my card number to verify I was still in possession of the card, etc. I nearly click the link because the presentation was so well done. Me – and I know better! Thankfully I decided to go to my card’s Website on my own to check on the alert and found there was nothing to it. Had I click the link in the email, I might have lost that card info to the bad guys.
The bottom line is be suspicious of everything you get, especially via email. It is very easy to spoof the email address and such to make it look like Google is actually emailing you. Be paranoid; that isn’t a bad thing when it comes to your online security. As always, you can email or call us with your concerns. We are glad to help you navigate this online world. Support: [email protected] or 850-837-7638 x200
A while back I did a few posts call The Security Series. The first one deals with passwords and good practices. You can find it here and also a couple on the importance of multi-factor authentication (link). Give these a read and see where you can safely secure your online presence and make it harder for the bad guys to win.