Typically, scammers target the masses through email—called phishing—essentially casting a very wide net and hoping some poor innocent soul takes the bait. Now criminals are more focused in their efforts to steal your information and your money. Spear phishing is the new and improved version of phishing—targets are individually selected and they use what they know about you to access your personal and financial information. They might know your name, your address, even where you work or bank. Then they use this information in an email or text, representing themselves as someone or a company you know to gain further access. Here are some common spear phishing schemes to avoid:
EMAIL FROM A “FRIEND”
You might receive an email from someone in your contact list directly addressed to you. It could make reference to a mutual friend in need and ask for money to be sent immediately. Or there could be a link within the email that includes a malware download to your device. These emails tend to feel a little “off,” so if your instincts are telling you something isn’t right, it probably isn’t. Confirm with your friend before acting. Never respond to, click on a link from or download anything from an email you don’t trust.
EMAIL FROM A BOSS OR COLLEAGUE
You might get an email from your boss or a higher up stating, “Urgent: Immediate Action Required” with a link. Clicking on the link could do serious harm to your computer and the company network. The bottom line is never give up personal information via email and don’t click on links without verifying the sender. An easy solution is to confirm with your place of employment before you respond.
SOCIAL MEDIA VOYEURISM
The spear phisher bases his entire scam on familiarity and how much he knows about you. What better place to find personal information about you than through social networks? By scanning sites like Facebook, the spear phisher can get your email address, your friends list and even see a recent post about something you just purchased. That’s the opportunity they are looking for to pose as a friend, send you an email asking for a password to your photo album which they will try to use on your other accounts. You might have privacy restrictions on your page, but not all your friends do, so don’t post anything that a scammer might want like your address, phone number, travel plans and dates, medical information, etc.
ASKED TO VALIDATE YOUR CREDIT CARD INFORMATION
You recently purchased a TV online and told everyone via social media about the great deal you got. Then you receive an email from the company you purchased it from asking to validate your credit card information. Seems simple enough, but the email is really from a scammer who was monitoring your web presence and posing as the company. In that case, you simply contact the company directly and confirm with a customer service representative.
If you have been a victim of an Internet scam or have received an email that you believe was an attempted scam, please file a complaint with the Internet Crime Complaint Center at www.ic3.gov. Also, contact UNIFY at 877.254.9328, to report a fishy phishing email that seemingly came from “UNIFY.”
No problem. Just phone our Contact Center at 877.254.9328, available 24/7, and a UNIFY Representative will assist you.