Common Phishing Scams
"Phishing" is the practice of sending fraudulent emails or other messages from seemingly reputable companies to have individuals reveal information such as passwords and credit card numbers. Here is a list of some of the most common phishing scams that compromise your personal information or, even worse, your funds:
e-Cards — Who doesn't love to receive a nice card? But is that link to an eCard actually from your family, friends or coworkers? Disguising a phish as a greeting card is a simple and effective attack tactic to get you to open a bad link.
Discounts — It feels good when you get to save with a discount code, and many merchants do send legitimate emails advertising sales. However, attackers often take advantage of this masquerading as merchants sending can't-miss deals.
Social Media Ads — Not all ads on social media are legitimate offers. Items shown at a lower price may mean a fraudster is out to get your information or money from you.
Travel Notifications — When you're traveling or planning to travel, you won't want to miss important updates. It can be easy to fall for a spoofed email, so be sure to treat any travel communications with a healthy dose of suspicion.
Package Delivery — Scammers pose as postal and delivery carriers sending urgent email updates regarding package deliveries. If the sender does not match the company you made any recent purchases with, delete the email. Instead, log in directly to your account via the seller’s website to confirm tracking information.
End of the Year Attacks — The end of the year provides attackers with a number of potential topics that allow them to take on an authoritative tone and create a sense of urgency for the recipient, including:
- Paid Time Off balance notifications with your employer
- Unfiled expense reports
- Urgent year-end deadlines
Office Invites — When companies plan office events, they often send invitations by email. Attackers can spoof invitations and craft compelling phishing emails.
Charity Donations — Beware of spoofed emails from common charities. Attackers often pose as these organizations to take advantage of your generosity.