Updated: Nov 9, 2022
As Black Friday approaches, lots of shoppers are getting their wallets ready to spend on discounted goods and services. Cyber criminals on the other hand, are getting ready to take advantage of these people for their money through phishing scams. Between July 2020 and June 2021, 96,000 consumers were targeted, leading to a loss of over $27 million, according to the Federal Trade Commission.
You may have been told a countless number of times to not click on suspicious emails or texts. But what happens when these phishing emails look authentic to the point where you legitimately believe a shopping website such as Amazon is contacting you regarding a purchase you never actually made? These scammers often claim to be representing a big retail company by sending out an official-looking email or text message, generally with a link to a fake webpage that appears at first glance to be identical to the real website.
Verify then trust if you receive a message regarding something you never purchased. The fraudster is attempting to confuse you in hopes that you give in and provide them with personal information. If you are questioning whether a message is genuine, try contacting the company by looking up their information yourself, such as a customer service phone number on their official website.
Red flags to look out for when receiving a suspicious email
The email address of the author appears to be correct, however, it contains additional characters and/or misspellings.
The website you are visiting does not appear to be secure with SSL encryption (make sure the URLs begin with https instead of http), as well as no lock icon in the corner.
Rather than addressing you by your name, they use general phrases like "Mr." or "Ms." or "Dear Customer."
Throughout the text and/or subject line, there are misspellings or grammatical errors.
Refunds, discounts, and other incentives are offered in the messages.
The sender informs you that you should act quickly and instructs you to open a link and submit personal information, including payment details.
The business logo in the message appears to be poor quality or incorrect.
What should you do if you fall for a phishing email?
If by any chance you do happen to click on a phishing link, take action immediately. If you submitted user credentials for any website or app, update your login information as soon as possible. Select a password that is both unique and difficult to guess and update your PIN number should it be necessary. To inspect for malware, perform a software update and conduct a security scan on your devices. Lastly, disclose the scam to authorities, including the FBI's Internet Crime Complaint Center and any genuine company the fraudsters were imitating.
About the Counterintelligence Institute
Founded by former CIA senior intelligence officer Peter Warmka, the Counterintelligence Institute’s mission is to assist your corporations, government offices, academic institutions and non-profit organizations in protecting your sensitive information and personal data records against security breach attempts. Our online and onsite training services focus on transforming the human factor from being the weakest link in security to becoming the most effective defensive tool against security threats against your company and personal life.