There are several versions of the phishing attack but they generally follow a similar pattern. A victim is presented with an official-looking electronic communication (such as an email or webpage) that requests them to enter certain credentials, often an email address, credit card number or bank login. These credentials are then passed on to the author of the phishing scam for their use.
To give you a better idea of how this works, let’s walk through an actual scenario. You receive an email from Bob who is one of your email contacts. The message from Bob says “Hi John! Take a look at this new project I’m working on!” There is a link in the message labeled My Project so you click on it to see what Bob has been working on. The link opens a webpage that looks like Google Drive and it says you need to sign in with your email address and password in order to view the files. You enter the information and the page logs you in. You see several files but when you open one it looks like gibberish. You email Bob about this problem and a few hours later Bob writes back and claims to not know what you are talking about. He hasn’t been working on any projects and he doesn’t use Google Drive.
What happened? In the example above, Bob’s email account was compromised by someone who gained access to his email login. This person then sent email to everyone in Bob’s contact list with a link to the fake Google Drive website. When you entered your email and password on the site you unknowingly gave your email address and password to the bad guy. This “bad guy” can now login to your email account and access everything from your security settings to your contact list and of course, every single email in the account. Since email is used for everything from Facebook, to banking, to personal connections, everything is now accessible. They can even lock you out of your account by simply changing the password.
Emails are a popular vector for these attacks but they also appear on social media sites like Facebook, Twitter and Google+, or be made to look like official websites like the IRS or Interpol. So how can you protect yourself from these attacks?
1. Use a paid anti-malware product such as Emsisoft. Anti-malware software will help to mitigate the number of attacks as well as warn you of potentially dangerous sites. If you do receive a warning, don’t simply dismiss it. Instead, take the time to evaluate the situation before simply dismissing it. If in doubt, check it out or simply give us a call!
2. Don’t mindlessly click on links! Hover your cursor over the link to see where it actually goes. NEVER click on links that claim you’ve won a prize.
3. Don’t search for popular websites, type their address directly in the address bar of your browser. Typing a website into a search box (such as Google, IRS, or Yahoo) simply runs a search for the site. Since these are popular sites, it is very common to find spoofed links in the search results. Case in point: searching for the IRS on Yahoo brings results for irs.gov (the real Internal Revenue Service site) and irs.com which, according to their about us page “IRS.com is in no way associated with or endorsed by the United States Department of Treasury or the Internal Revenue Service. It is a non-governmental, privately owned website, operated by Banks.com, Inc.” Sounds like a great place to file your taxes, right?
4. Don’t panic. One of the most effective phishing scams is the popup, email or webpage that claims there is a problem with your computer and all you have to do is “click this link” or “call this number” to get help. In most cases there is nothing wrong with your computer. If you are indeed having problems, DO NOT call or click! Instead of trusting your computer to a complete stranger, contact Yellowstone Computing to take care of any issues. Not only will you get the best results, but you will save hundreds of dollars as most of these scammers will charge anywhere from $250 to $500 for their “support,” and still leave your system vulnerable!
5. Use two-factor authentication when possible. Although somewhat inconvenient, this security option does make it more difficult for your accounts to be compromised.
What to do if you HAVE been a victim.
Change your passwords as soon as possible, preferably from another computer. This is because the device you were using may have been infected by a key logger (which tracks what you type) or other malware that can leave you vulnerable. If you gave away any banking or credit card information, call those institutions immediately and explain what happened, they will be happy to help you change your accounts and login credentials to prevent fraud.
Contact Yellowstone Computing to have your computer checked for possible infections and if you haven’t been using a good anti-malware product, get one.