When untrustworthy online entities go “phishing”, they’re not looking to reel in yellow bass or rainbow trout; they’re looking to reel in your credit card or bank account information, or even steal your identity, and it could end up costing you thousands of dollars.
The Fort Smith Police Department has released their latest in a series of monthly crime prevention tips, this time aimed at phishing scams. “Phishing” in the digital era is an attempt to steal usernames, passwords and credit card details for malicious reasons through electronic communications, either text or email.
Phishing emails usually appear to be from legitimate sources and well-known organizations, and ask for personal information. The information gleaned can be as seemingly harmless as your date of birth or as truly harmful as your Social Security number, and they always sound as if they’re being helpful.
According to the Federal Trade Commission, examples of phishing emails and text messages include: “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
The irony, of course, is that the message is ultimately trying to do exactly what it says it is trying to prevent: unauthorized access and use of your account. Which account? It could be any of them, according to Andy Jacobs, a North Little Rock consumer credit counselor.
“Once, I received an email asking about my PayPal account, and I didn’t even know I still had one,” said Jacobs during a phone interview. “I used PayPal, like, once about 20 years ago for an auction on eBay, and then immediately closed it afterwards, and I hadn’t heard a peep from PayPal or from my bank or from eBay, and then, here it is two decades later, and somebody is emailing me about it. I knew it couldn’t be legit,” he added.
Another example is, “Our records indicate that your account was overcharged. You must call us within (seven) days to receive your refund.” Instead of appealing to your fear of compromised security, they now try to appeal to your financial sense, because who doesn’t want to receive free money?
But phishing — just like fishing — can also be physical. In physical terms, credit card readers at gas pumps or ATMs can be tampered with, and the next time you fill up your tank or go to your bank to take out cash, check the security sticker on the reader or check to make sure the display and keypad are intact. If the card reader is loose or the sticker broken, don’t use it and alert the business.
“In the real world, it’s a little harder to pay attention to details like that,” said Jacobs. “When we’re at the gas pump, we’re thinking of half a million things all at once, right? So, who has time to remember to look for that?”
Phishing scams will also usually have misspelled words and links to a fraudulent account, according to the tips from FSPD. Never click on any link in an email that asks for personal information unless you’re familiar with the link, and never provide personal information over the phone, despite threatening language in the email.
The best way to deal with suspicious emails or text messages is to immediately delete the message, as legitimate companies will never ask for this information via text or email. If you feel that you have been the victim of a phishing scam, immediately change your passwords and PINs, and contact your financial institutions to notify them.
For more information on phishing scams, check out the Arkansas Department of Information Systems at Arkansas.gov.