BBB Tip: Phishing Scams
Better Business Bureau
Phishing scams can come in the form of prize offers, threatened punishments, or something completely mundane like a file from the office scanner. Sometimes they just rely on a victim’s curiosity to prompt a click or download of something dangerous.
Beware of any unsolicited or unexpected communications asking for personal information or telling you to download an attachment. Many of these communications are from imposters masquerading as trustworthy businesses and organizations. They are “phishing” for your Social Security or Social Insurance number, passwords, credit card information, or other personal details for use in identity theft. Don’t fall for the bait!
How the Scam Works:
Con artists have a creative array of cover stories to disguise their true intentions. Phishing messages typically use one of three methods to fool victims: 1) the message promises a reward (a gift card, free item); 2) threatens a punishment (unpaid taxes, missed jury duty, deactivated bank account); or, 3) appears entirely mundane (a file from the office scanner).
Phishing scams tend to follow a pattern. The victim receives an email, phone call or text message (called “smishing” or SMS phishing). In the communication, the scammer urges the target to click a link, share information, or download an attachment which likely contains malware. In the case of an email or text, the link frequently leads to a form, which prompts the target to enter personal information.
One senior citizen recently alerted the BBB in Western Michigan to a fraudulent email from a random email address stating that this individual owed $3,447.90 USD on a Visa bank card. The email included a prompt and password to access an attached PDF file that allegedly contained more information about the charges.
Think twice before you download anything from the Internet, especially if it’s an attachment from an anonymous sender. Scammers will hide malware in an attachment and once you download it, it can wreak havoc on your computer or steal your personal information.
Tips to Avoid This Scam:
- If something sounds suspicious, confirm it by calling the company directly or checking the company website. Don’t click on links in an unexpected email – type the URL for the company into your browser or do a web search to find the right website.
- Don’t click, download, or open anything that comes from an anonymous sender. This is likely an attempt to gain access to your personal information or install malware on your computer.
- Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Always be wary of unsolicited messages that don't contain your name, last digits of your account number or other personalizing information.