Briefly imagine that you had every piece of physical money in the world. Every ruble, euro, drachma, rupee, yen, pound, dollar, and coin from around the world is in your possession. If that were the case, you would only have 8% of all the money in the world – because 92% of money only exists as numbers on a computer screen.
Fraudsters know this. That is why they go to every possible length to get your personal information so they can access your accounts, and steal the money you work so hard to earn. The potential for fraud is an ever-present reality as we become more connected with one another via technology and social media. Some strangers roam around the internet casting out their lines to snag unsuspecting prey. That means you need to know how to spot these wolves in sheep’s clothing by being aware of the two most common methods of fraud, and how to handle them.
Financial criminals who pretend to be someone you know (usually a casual acquaintance) to get you to share personal information are spoofing. Many people on social media get private messages that look like they are coming from someone on their friends list, but in fact are fraudsters attempting to gain access to their computer and online information.
“Don’t reply to any friend requests that seem to be from me! I’ve been hacked!” is an all-too-common status update, a result of spoofing.
Similar to spoofing, Phishing is when a hacker attempts to gain access to your secure information by sending you an e-mail (most often) that appears innocent, but asks for some of your personal information. Often, there will be an imperative tone to the e-mail something along the lines of “URGENT” or “Response Required.” This is to encourage the recipient to panic and comply without question.
One huge phishing scam that happened within the last 3 years was an e-mail that looked like it came directly from the world’s largest movie and television streaming service. The e-mail stated that if the user did not update their payment information immediately their service would be suspended. THOUSANDS of people clicked the link in the e-mail, and provided their private financial information to fraudsters when all they had to do was go to the official company website and verify that their payment information was accurate for themselves.
There is a second type of Phishing called “Spear Phishing”, and like the name suggests, it is a more targeted approach to phishing. Spear Phishing targets specific groups of people, like those who work in finance, insurance, or government agencies. The hackers want access to a specific group of people, or the specific data that those people keep.
Fun fact: Phishing is spelled with a “ph” rather than an “F” because the earliest hackers called themselves “phreaks”. Phreaking is technological slang for exploring, studying, and experimenting with telecommunication systems. Many of these early hackers engaged in criminal activity, and so the “ph” spelling was used to link certain types of scams with these unsavory characters.
Here are ways to protect yourself from spoofing and phishing:
- Do not open unexpected e-mails from addresses that you do not recognize. In the age of texting, very few people outside of the workplace communicate via e-mail.
- Do not click any link in any e-mail unless you know exactly where it is going to take you. This includes “unsubscribe” links. Receiving spam in your e-mail inbox can be frustrating, but that unsubscribe link is still a link that may be tampered with, and open your device up to hackers. When in doubt, delete the e-mail.
- Do not take social media quizzes, “What kind of ____ are you?” tests, or download “Free” games. Many of those install malicious software on your computer or phone that can log your keystrokes. Meaning that after you are done taking the quiz or playing the game the software can see every single word you type – including usernames and passwords for websites you visit.
- Go to the source. If there is an important notice for you, or time-sensitive information then close your e-mail, and call the company or organization directly. They won’t mind, and if the problem is legitimate you can get it resolved immediately, and if it’s not you just saved yourself a tremendous amount of headache.
This image is an example of a phishing e-mail from New Zealand:
Without all the red boxes with explanatory text this e-mail looks very general, but official. Many people would fall for it, and click the link that would take them to a website that looks VERY SIMILAR to their banking website and enter in their financial information.
For more information regarding Fraud you can look back through our blog catalogue and find “Spam, Scams, and Shams” from fall 2018, as well as “The F Word” from last March. Even the wisest and most cautious can inadvertently be taken advantage of, and ECU is here to help right the ship when that happens. Members with our Red Apple or Golden Apple checking accounts have free access to Benefits Plus.
Benefits Plus is an organization that provides incredible discounts, rebates, and coupons on a wide variety of goods and services, but also they help restore your identity in the event of fraud. All any of our eligible members has to do to receive the benefits from Benefits Plus is go to www.Benefits-Plus.org and sign up. Not only will you have the opportunity to save more money, but you will have the peace of mind of knowing that should the worst happen you have someone in your corner.
Reading about all the ways we may be vulnerable to financial attacks that affect our quality of life can be alarming to say the least. But, as they say, “Forewarned is forearmed.” Spotting a wolf in wool can be difficult, but there’s always a Tell for the careful observer.