Big Scammers

Monday, December 12, 2016

What My Inbox Will Teach You About How to Avoid Online Fraud


You may call me a dinosaur (you won’t be the first), but since I bagged a nice short “live.com” email address a few years back, I’m happy to stick with it (at least until something shorter comes along). This means that I’m quite well qualified to write about phishing and how to avoid online fraud from a first-hand perspective since that address is probably on every hacker database currently for sale on the dark web – but even I wasn’t aware of the scale of the problem until I delved a bit deeper.

  • SPAM FILTERS HIDE A MULTITUDE OF SINS

So yes, I do get a lot of spam mail - not that I notice of course, because the spam filter that Outlook has online is quite effective these days, and the junk mail folder is where most of it ends up.

Now the good news is that the majority of phishing emails look just as dodgy on the surface as they are underneath. They’re a course in “how to avoid online fraud” all by themselves, simply through how bad some of their attempts to replicate official emails are, while others make no attempt to do that, or even to pretend that they were written by anything other than an automated computer program.

This is the “numbers game” end of the market – the more emails they send, the higher chance that someone, somewhere, will click on it, no matter how ropey the contents.

But interestingly one got through the spam filter recently that I will admit fooled even a hardened old cynic like me. In fact, I initially fell for it hook, line and sinker (forgive the fishing/phishing pun), because it looked too genuine, with none of the giveaways mentioned above.

  • HOW TO AVOID ONLINE FRAUD? SPOT THE SPOOFS

It was a “spoofed” email from Apple which thanked me for my recent purchase from the iTunes store (which I hadn’t made) and looked more genuine than any other spoof I’ve come across so far.

The aim was to play on my fears that my account had been hacked and used without my knowledge (ironic, I know) and get me to use their links to, I assume, “reset” my “compromised” account or generously install some free software that I hadn’t asked for and that would give them my money.

I say assume, because although I was initially fully taken in, sense started to kick in so I did what one should always do when faced with a suspect email:

1. Check that the sender’s address and any links match what they claim to be by hovering over them without clicking.
2. If either of them is different “behind the scenes” from the face value version then delete, delete, delete!
3. In fact, I went one step further and reported it directly to Apple before going on to change my passwords - as you can probably tell, I was slightly freaked out by the “authenticity” and the fact it made it through the spam filter!

  • HOW TO AVOID ONLINE FRAUD – DON’T BE A MUG

Con-men have always preyed on the vulnerable and there will always be some “mug” out there who will, either through ignorance of how to avoid online fraud or simple absent-mindedness, click on something which to everyone else looks inherently dodgy. Just be aware that they are growing slicker, so you can no longer hide behind your spam filter - in fact it might be time I updated my email address after all!