Preventing falling for scams.

Justin33

Solid State Member
Messages
8
Location
Canada
Hi,
I almost got hacked. I received a mail with some reward offers for my credit card by my bank. It took me to the bank's site and I entered my id and all. But the page didn't load. I suspected server issues, but later when I talked about it to my friends, they told me it might be online fraud. I searched online for an explanation and came across this article. (What Is Skimming, Phishing And Online Fraud? | Kevin Thatcher). I think I may have become a victim of phishing. I informed my bank immediately. Luckily, I was able to save myself. The article has listed cautions to protect from such scams. I was thinking if there is any anti-spyware software or firewall to prevent accessing such pages. If anyone knows about it, please share.
 
No piece of software is going to be perfect. Scammers are smart and always evolving - security is always playing catch-up. Anti-spamware is pretty useless when clicking on links in emails and firewalls have to be set up just right to block only the bad URLs and not the valid ones to your bank/whatever else they are trying to scam from you.

The best thing to do is as you get phishing emails, mark them as spam in your email client and it should learn from it and move future emails like that to your spam/junk mail folder.

Otherwise the only thing to prevent you from falling for scams is you. If you're not sure of the source or have a bad feeling in your gut, your gut is usually right. Best case is to either forget about the email and delete it or call/visit the institution's website yourself to look for a similar offer.
 
In most phishing type emails there are lots of clues that should make you suspicious.

First off, does the email address you by name or simply as "Dear customer"? Genuine mail from your bank or other legitimate institution will know your name and use it.

Are there mistakes in grammar, punctuation or spelling? Legitimate email will generally not contain these errors.

Hover your mouse pointer (don't click) over any links in the email and look to see if the link points to a valid website. For instance, if the email claims it's from "The Great Western Bank" but the link points to "http:\www.scams_r_us.com" then you know it's bogus.

If an email offers you a link to the company's website to update credit card or bank account info, instead of using the link, go to the company's actual website and check that the info is accurate there.
 
Also any bank's or other financial institution website will most of the time have the green padlock and it could be highlighted in green with their name which proves to you that they are legitimate and not a bogus business. Example below

ev2.jpg
 
The best advice I have ever received about bank offers is to look at the e-mail but don't click on any links. Once you click on a link you either get your computer taken over by malware or they steal your information. Most bank e-mails show a small portion of your account number and definitely always address you by name. Also usually any offer codes are at the bottom of the e-mail. I suggest just writing them down and then going to the banks website by typing the address.
 
Thank you for this information! To be fair would you mind if I shared this information on other forums as well? :)
- better spread the word, right?
 
I agree with everyone else and work in the security sector. The main thing to remember is check the URL. Although that can be spoofed. So my biggest recommendation is this: did you enter a competition in the first place? Everyone gets these types of emails, as the others said most of them are really badly spelt this is because a lot of them come from non English speaking countries, Nigeria is a common one. It will have been ran through Google Translate so probably won't make much sense.

When I get an email saying I've won 15000 I think great and delete it. Nowadays I don't even report them to the companies they are trying to be, because there's simply that many of them.

Another good tip (if you have already clicked the dreaded link) is to click all other buttons or text boxes etc on the page. Usually only the user/pass boxes with be functional and the submit button. It takes more effort to make a fully functional site and thus 90% of the time they don't do it.

Sent from my HTC One M9 using Tapatalk
 
... Another good tip (if you have already clicked the dreaded link) is to click all other buttons or text boxes etc on the page. Usually only the user/pass boxes with be functional and the submit button. It takes more effort to make a fully functional site and thus 90% of the time they don't do it.

Sent from my HTC One M9 using Tapatalk
While it's true that the other buttons and such may not be functional, I don't think I would recommend clicking on any of them, especially randomly, as you don't know what clicking on one of them might do.
 
Back
Top Bottom