Current Phishing & Spoof Attempts
Email phishing and spoof mail is not this easy to spot but I still get more than five a week. Spotting phishing and spoof emails can be harder than you think. I have received emails from all kinds of different banks and creditors hoping get me to bite, phishing, but I do not answer any email using the link supplied by whoever is behind the email. I have also received a couple of phone calls and been told that my account information needs to be verified or my account will be closed. This is also considered phishing as they are trying to get information from me about my accounts. My first response to this was giving me your phone number and name and I will call you back. Suddenly the line went dead. I would also ask them my account information that they have displayed if they are calling me, not the other way around. If a bank is having a problem with your account, they use your account number to identify you, not your name. So how did they get a hold of any information about your account that may need to be verified or changed? If they would still be on the line I would ask them other information about the reason for them calling me and not telling me to go to my local office. After all, if it’s so important for them to call me than they can suspend my account till I get into the office or bank and straighten out whatever problem is going on. Their phishing for information from me, that’s why they want me to give them whatever they can get over the phone. Whether they agree to this or not doesn’t matter because I’m not giving them any information, even my address or full name. They are attempting to get information from me by phishing for it.
Phishing is an attempt to get personal information such as account numbers, social security numbers or any other information that could help someone get into a current account or start a new one with some things changed so they can steal your identity. Hence the term Phishing, trying to catch people using scary or fake emails or phone calls and give out personal information. Phishing can get some people by the method of throwing out phishing emails and getting at least some people to bite that do have accounts at the bank or place the emails is purporting to be from. They send out thousands of phishing emails in the hopes that a few will bite. After all it only takes a little time to send out thousands of phising or spoof emails using the internet and some small programs that generate random email addresses.
Spoof mail is where they create emails using different information in the lines of the email that say where the email is from. The spoof part is usually any links that you would click on to go to a web site. In an email just about anything can be a spoof. The pictures you see can be copied using copy and paste on anyone’s computer. Spoof mail can look very much like a real business or accounts and that is why it is considered spoof. They try to get you to answer their email by signing in on their website by changing lines in the email you receive making them look like real businesses or web sites. Spoof just means to fool but has been used mainly when we talk about computers and emailing, spoof mail is a email that fools you into thinking it is from a real business or web site. There is spoof that is good for businesses and companies while using local area networks for them to run faster and easier but that is not the kind of spoof I am talking about.
When you get a phone call that says they are from your bank do not ask them for anything other than a return phone number and name. This will usually shut them up, but if they persist then ask them to wait and you will call them back. Then call your bank using the telephone numbers that your bank gives you for talking to a bank officer or fraud reporting. These will be available from your account statements or even the back of your credit or debit card. Call the 800 number on your card; explain the situation and they will be able to help you. They will not ask you to divulge information about your account other than your name and maybe phone number. But you can trust them because you called their nationally known telephone number. They will refer you to your local branch of bank or office to talk to an officer if there is any worry about your account. Give them the information of the phone number and the name, they will know what to do and refer you to whoever handles this kind of thing. The phone number I called on the back of my debit card told me to talk to my bank branch and they could help report the attempt at fraud through a person at the branch. Not through the phone. Any information they want, can and will be handled through a person at a bank, not over the phone.
The same goes for emails and your banking accounts, do not trust any emails as they could very well be a spoof and phishing for information from you. Do not trust anyone and get the facts from your account using your usual links in your favorites bar. Never use links in an email to go to any sign in pages or accounts. Always use the links you get by searching for your banking site from your internet and not an email. Use the sign in page that your bank has given you when you signed up for the service. When you go to a link from one of these spoof or phishing emails they may look almost exactly the same as the regular and real account. This is very easy to do as the ones behind this attempt at theft just design a web page using the real one as a model. Even the little lock in the corner is not a verification of your security. Use the site you were given when you signed up or search for the site using your address or search bar. Phishing emails and spoof parts of emails are very easy to make, it is the very nature of web site design that makes them this easy.
Today anyone can design websites and make them look very good. My son has designed a few web sites and is going to college to do this for a profession. His web sites look very good and he has shown me how easy it is to change information using a links setup and the other parts of web design. It is not hard and for anyone who wants there are plenty of web sites that will show you how to look for this. Microsoft and other large companies know about phishing emails and spoof emails and do warn about this very thing.
This is the best and easiest way to tell if you are on the receiving end of a phishing expedition or not. If your bank needs anything from you they will tell you to come into the bank and deal with it. They will not call you or mail you to fix this major problem with your account over such an insecure method. The banks know this is not the way to handle such personal information and they don’t do it. Any bank in the United States will ask you to come to the bank and discuss with them in person any problem with your account. They will definitely not ask you for any kind of information with your account. They already have all the information they need to deal with your account at their fingertips. Why ask you over the phone for something if it is so important to have to call you. Anything you need to do with them will be done in person. This is very important to understand. Anything they need to do with your account and anything they need will be done with you present or be done to your account by their regular methods. No one from any bank needs to ask you anything over the phone or in an email. They will have you come to the bank if there is a problem and not ask you for any information that could be used to steal your identity.
So when you get those emails from your bank, assume they are spoof and phishing emails, even when you get ones from banks you are not members of and delete them. If you want to see if there is a problem with your bank, Paypal or other financial institute, use your regular link from the sign up or search for the site yourself and go there through the links you make. Do not use any links in emails, at all. The only links you should be using to get to sites is the ones you create by visiting the site from your computer.
If someone calls you and says they are from your bank and want any information, tell them nothing. Ask them how they got your phone number and name, and then tell them you will call them back. Ask them for their full name and phone number. Then call your bank and tell them what happened and they will handle it. If there is any problem with your account they will tell you to go to your branch to handle it in person.
Many times people think they are in trouble when they receive emails or calls telling them their account is in trouble. Do not believe them as the calls or emails could very well be someone phishing and the information in emails can very easily be spoofed. The best bet for any question about account information is going to your bank or calling them and getting the information about your account in person or over the phone.
