Most days, I get an email referencing a “report I requested” or an “invoice I need to pay.” Am I curious? You bet. The attachments look innocuous enough, and it’s quite possible I requested a report or have an invoice. But I tamp down my curiosity and hit delete because I know with 99 percent certainty that it’s a ruse.
Hackers have gone phishing … and your personal information is their catch.
We all know better than to fall for requests from Nigerian princes, but many of today’s phishing schemes are fairly sophisticated. The hackers’ goal is to send you to a fraudulent website where they persuade you to enter your login credentials or personal information and then have you download a file that infects your computer.
And we’re falling for these scams hook, line, and sinker. Security firm Kaspersky Labs said its anti-virus protection detected over 121 MILLION unique “malicious objects,” including nearly 2 million attempts to raid bank accounts. So how can you avoid becoming a target?
Tips to prevent internet fraud
1. Use your common sense
Your first line of defense is to think through the request. Is your nephew really going to email you from a foreign country, asking you to “wire” thousands of dollars? Probably not. Did I really get a report from the CEO of a firm that’s simply called “Food Packaging Company?” Unlikely.
2. Check the sender’s information
The most common red flag is a bizarre return email address. Sure, the “from” line might have a reputable name, but if you look at the address after it, it’s almost always something sketchy, like my food-packaging friend:Doyle.email@example.com. That’s not the email address a CEO is likely to be using.
3. Check the hyperlink before you click on it
You can do this by hovering your mouse over the underlined part to reveal the address it’s purportedly taking you to. If it’s authentic, it’ll likely be preceded by “https,” the “s” standing for secure. (Check out Esurance.com, for example.) Otherwise, it could be a faux site, and clicking on the link can take you to a fraudulent website where you might give them access to your personal information or have malware installed on your personal computer.
4. Look for errors
It’s unclear why fraudsters aren’t able to spell-check or use decent grammar, but almost every phishing email seems to have some egregious spelling or grammar error. (And yes, we’re more into grammar than most people, but still!) If the language seems stilted or words are missing, it could be coming from an international imposter.
5. Avoid those attachments
Just. Don’t. Click.
6. Never give personal information
Your bank isn’t going to email you and tell you there’s been an error and you need to log in to fix it. They’re just not.
7. Don’t be fooled by urgency
Do you really think the IRS is going to seize your house tomorrow for “unpaid taxes?” No.
8. Call if you’re unsure
Hackers are becoming increasingly wily and sometimes it can be hard to know what’s authentic. If you have any question about an advisory or whether your account has been compromised, call the company’s known customer service number (not the one in the email, which could be fraudulent, right?) and ask if they recently contacted you for information.
And rest assured that your info is always protected here at Esurance. Protecting the privacy of your information is of the greatest importance to us. As an insurance provider, we are regulated by Federal and State laws protecting the confidentiality and security of your information, as well as our use and disclosure of it. Whether you are a current, former, or potential customer, Esurance treats your information with the same high level of confidentiality and security.