[WEB TOOL]  I recently received an email from “eBay” that I thought could have been a scam… but it was very convincing.

The name of the company was in the email address and the logo was at the top. It looked like any other legitimate email that I’ve received from eBay. However, that little voice inside my head said, “Something’s not right.”

When you get something that looks “fishy”… it may be “phishing”. The question is, how do you know?

Let’s take a look at what “Phishing” means in the tech industry. It refers to sending you email messages, asking you to go to a website and calling you on the phone to gather sensitive information and / or put malicious code on your computer… in an attempt, eventually to steal money from you. Yikes!

So let’s take a look at some details that can clue you into a scam, as well as what to do if you’ve been targeted.

How to Identify a Phishing Scam

In Email or a Text Message…

When you receive an email that you question, here are a few red flag items to consider:

  • It appears to be from a well-known company like Facebook, PayPal, Dell, etc..
  • There can be spelling errors.
  • It contains threats like, “Change your password now or your account may be suspended,” or “Log into your account to update your information or you may be permanently blocked.” (See highlighted example in the email image above.)
  • There are links in the email that they want you to click on. The link may look “real” but if you mouse over it (without clicking on it) you can reveal the actual web address.

In a Phone Call…

You’ve probably heard about these calls (or may have even received one)…

  • They claim to be from the IRS and try to threaten you into giving them credit card information so that you can avoid penalties. Know that it’s standard policy that the IRS will notify you by letter if there is an issue with your account.
  • The caller may say they are from a major computer or security company telling you that your computer has been compromised and they can help you download software to fix it. Be aware that companies like Microsoft and Apple state on their website they do not engage in cold call selling of “computer fixes.”
  • They tell you that you’ve won a prize or vacation and all you have to so is pay the taxes….
  • Sadly there are scams that identify themselves with a “fake” charity (like your local police or fire department) and appeal to your sense of giving.
  • They try to direct you to a website to update your password or put in credit card information.
  • The caller may pretend to be a family member, friend or friend of a family member requesting immediate cash due to an “emergency”

What Should You Do if You Suspect Phishing?

If You Receive an Email that Looks Suspicious:

  • Don’t ever click on any links in the message. So, if it’s from a company where you actually have an account, as in our example with eBay, log into your account from their website directly. Most likely if there’s a real issue, you’ll see a notification in your account messages. Or call the company directly and inquire about the content of the email.
  • You can do a little bit of research to look for evidence that this is phishing. Do a Google search by typing in the main message or subject line of the email. The results may show that other people have received this same type of email. Look for articles about phishing connected to that company name. Often on an organization’s website they will show examples of these scams and what you should do.

  • Report the email to the company from which it supposedly came. These large organizations have cyber security departments that want to be made aware of these types of emails.
  • Forward the email to your IT department if that is your organization’s policy.

If You Receive a Questionable Phone Call:

  • Screen unrecognizable phone numbers and simply don’t answer them.
  • Hang up immediately if you think the call is suspicious.
  • If it is obviously a phishing call and you want to report it, write down the phone number and file a complaint with the Federal Trade Commission. 
  • Above all, don’t ever give out sensitive information like a bank account or credit card number even if you think the call “could” be legit.
  • If you want to be sure there isn’t an issue with a real account of yours, call the company directly at their main customer service number.

In general, stay vigilant. These scams are constantly changing as they use new tactics every day to gain your personal information.