Phishing, Smishing, and Vishing are scams where criminals attempt to get users to click a fraudulent link through a phone text message (smishing), email (phishing), or voicemail (vishing). These scams are becoming increasingly popular as cybercriminals try to take advantage of people who are more likely to fall for them, such as those who aren’t as familiar with technology or who may be experiencing a crisis.
What if you receive a text message/email from a company you trust and use, such as your financial institution, Amazon, BCHydro or Netflix. Cybercriminals will often send out phishing emails that appear to be from a legitimate source, such as a financial institution or well-known company. They often use authentic-looking logos and branding from legitimate companies. The email will typically contain a link that directs you to a fake website that is designed to look like the real thing.
Once on the fake website, you are asked to input sensitive information, such as your login credentials or credit card number. This information is then used by the cybercriminals to commit fraud or identity theft.
Cybercriminals may also use phishing emails to install malware on your devices. The email contains an attachment that, when opened, will download and install the malware. This can allow the cybercriminals to gain access to your device and steal sensitive information or commit other malicious activities.
- “We have detected unusual activity on your account. Please call this number to speak to a customer service representative.”
- “You have won a free gift card! Click here to claim your prize.”
- “Hi! We noticed that you’re a recent customer of ours. To finish setting up your account, please click this link and enter your personal information.”
- “Urgent! Your bank account has been compromised. Please click this link to reset your password and prevent any further fraud.”
- “Hey, it’s [person you know]! I’m in a bit of a bind and could really use your help. I sent you a link to my PayPal, could you send me some money?
Red Flags of a Phishing Attack
- Seems unusual or out of place
- Asks you to click on a link or open an attachment
- Ask for personal or sensitive information
- Comes from an unknown sender
- Contains typos or grammatical errors
- Contains threatening or urgent language.
If you clicked on a phishing link and/or provided sensitive information remember, it can happen to the best of us. There’s a few actions you can take to move forward and secure your account:
- Go to the legitimate website, reset the password on your compromised account and enable two-factor authentication right away. If you are using that password for other accounts, change those too.
- Forward the suspected phishing email to firstname.lastname@example.org, where the Anti-Phishing Working Group will collect, analyze and share information to prevent future fraud.
- Mark it as spam.
- Run a full system scan using antivirus software, such as McAfee Antivirus or Norton Antivirus to check if your device was infected when you clicked the link. If you find viruses, follow these steps on your device. If you still can’t remove the virus, contact a reputable computer repair shop in your area.