
Phish and Tips


phish·ing /ˈfiSHiNG/

noun

the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.


Out of the hundreds of emails you receive every week (or maybe every day ... sorry), a third may be business and half may be commercial solicitations. In addition, some not insignificant number are probably phishing attempts.

People who create and send these emails tend to do so on a very large scale. As users become savvier and more suspicious, fewer and fewer of us are falling for them. But if a wannabe cybercriminal mastermind sends out ten million fraudulent emails and a measly 1 percent fall for the scam, they've successfully fleeced 100,000 people.

That's why phishing and other malicious digital attacks aren't going away anytime soon.

Sometimes it's easy to spot a phony email. If you don't have a relationship with Wells Fargo, but Wells Fargo reaches out to confirm your account information, you can be pretty sure that the email is not actually from Wells Fargo. You can hit "delete," or, better yet, forward it to Wells Fargo so they can try to stop the bad guys involved.

If you receive an email from an institution with whom you have a relationship, it gets a little harder.

We recently received an email purportedly from American Express. All of the Bs at B Direct use American Express Corporate Cards, so a legitimate email from that company is not out of the question. This particular email, however, had lots of red flags. Here are the kinds of errors you should be on guard for to help you know when a phish is foul:

1. Check the "From" field. Although this email said it was from American Express, the actual email address is from "americanstandard.com." If the address is hidden, hit "Reply" to reveal it in a new email (but don't hit "Send").

2. Beware of attachments, especially those with extensions you don't recognize. If you're in even the slightest doubt, don't open them!

3. When credit card companies (or banks) send you account info, they typically refer to the numbers that your account ENDS with, not STARTS with. In this example, it may interest you to know that ALL American Express cards start with 37.

4. Watch for typos. Trust us, an organization like American Express has professional writers and proofreaders.

5. and 8. Also watch for random capitalization. There's no reason that the words "Your" or "Attached" would be capitalized here.

6. Phishing attempts often use incorrect spelling, grammar and conjugation. The word "follow" here should be "following."

7. Missing words are another clue. In many cases (like this one) the messaging doesn't sound as if English is the sender's first language.

9. Keep an eye out for places where graphics are broken or out of alignment. This looks less than professional and is certainly below the graphic standards of American Express.
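Tips 1 and 2 can be automated as a first-pass filter on incoming mail. The Python below is an added example, not part of the original post; the brand-to-domain table, the risky-extension list and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains each brand really sends from (illustrative, not exhaustive).
BRAND_DOMAINS = {
    "american express": {"americanexpress.com", "aexp.com"},
    "wells fargo": {"wellsfargo.com"},
}
# Assumption: extensions treated as risky for tip 2; tune for your own mail flow.
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".iso", ".html", ".htm")

def domain_matches(domain, allowed):
    """True if domain equals an allowed domain or is a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_message(raw):
    """Return a list of red flags found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags = []
    display, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    for brand, allowed in BRAND_DOMAINS.items():
        if brand in display.lower() and not domain_matches(domain, allowed):
            flags.append(f"From claims '{brand}' but address domain is '{domain}'")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            flags.append(f"risky attachment: {name}")
    return flags

# Constructed sample modelled on the email described above (not the real message).
SAMPLE = """\
From: "American Express" <alerts@americanstandard.com>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please see Attached.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Statement.html"

<html></html>
--b1--
"""

if __name__ == "__main__":
    print("\n".join(check_message(SAMPLE)))
```

A clean result only means these two checks passed; the remaining tips still need a human read.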

If you receive an email that seems at all suspicious, go to the company's website (but not through any links on the email — go directly from your web browser). Log into your account there, never from the email itself. You can also call customer service.

If you do fall for an email scam, it can be a hassle to undo the damage. But, you won't be the first — or the last — to make that mistake.

Recently, the FBI reported on a current scheme (targeting Amazon Prime members) that has claimed victims in all 50 states and another 150 countries.

The losses so far? $12 billion. 

That's one big phish story!





© 2017 B Direct Marketing Communications – All rights reserved.