Using social engineering techniques, thieves send out phishing scams in hopes of stealing your personal information, your money or both. Here are the most common types of phishing scams prevalent today.
Phishing Emails are email messages that attempt to lure a victim to click a dangerous link, download a malware-ridden attachment or give up a password or other personal information that could be used to steal money or your identity. As we mentioned before, hackers often capitalize on recent breaches when it comes to crafting their phishing campaigns. Following the Equifax breach, scammers started sending out phishing emails trying to lure nervous consumers in. Watch out for phishing emails with the following Red Flags:
- Phishing emails claiming to be from Equifax where you can check if your data was compromised.
- Phishing emails that claim there is a problem with a credit card, your credit record or the like.
- Links claiming to be from Equifax or a financial institution.
Spear Phishing is a very targeted type of attack where the hacker has done enough research about the organization and internal workings to craft personal emails that might be construed as legit. Remember all those W2 scams where well-intentioned payroll employees were tricked into sending every single W2 for their employees to a hacker? Yep — spear phishing.
SMS Phishing, also called Smishing, is phishing carried out via Short Message Service (SMS). Basically, you get a text with a link that leads you to a phishing website that tries to get you to reveal personal information. Or the link might prompt you to install malware.
Voice Phishing or Vishing seems to be on the uptick lately if our own experience is any indication. Recently we received two scams calls in a single week. The first was a blocked number that left a voicemail with an automated voice informing us our Social Security number had been suspended and giving a phone number to call back. The second was a call from a 273 area code. The woman claimed to be from the U.S. Government and cussed us out when we sarcastically replied “Sure. Sure you are.” Whatever you do, please don’t tell these people anything.
How to Stay Safe
You might be asking, what can I do to stay safe? We have three easy steps.
- First, you should look carefully at the email. Does the email use your real name or a generic opening? What is the sender’s email address? Are there any misspellings? Is there weird phrasing in the body of the email? You can compare the suspect email to a previous one from the company. If there’s an urgent call to action, it is even more likely it’s a scam.
- Second, don’t ever give out personal info over the phone unless you have initiated the call to a trusted source. Make it a rule to not answer phone calls from numbers you don’t recognize. Also, “don’t trust your caller ID, scammers can spoof their numbers so it looks like they are calling from a particular company even when they’re not,” according to the Federal Trade Commission.
- Third, be sure and sign up for an identity restoration membership. LibertyID is the AAA of identity theft protection, offering the most effective identity theft restoration service. Sign up for an annual subscription and rest easy knowing that if your identity is stolen, we will fix it. But just like with AAA, you have to be covered before there’s an incident.