By Susan Bach
Wisconsin Better Business Bureau
Phishing emails – alleging to be from Verizon, Walmart, Best Buy, Ebay, LinkedIn, the US Post Office, American Express and even the BBB – have filled my inbox this week. What’s a phishing email, you ask?
It’s an email sent by a scammer attempting to obtain personal information about the recipient to steal their identity or financial information. These emails are sent out randomly as bait, with the hope of hooking at least one victim, hence the name “phishing.”
One thing the phishing emails all have in common is a request to click on a link to update the recipient’s account, confirm an order, win a gift card, etc. Unfortunately, clicking on the link will take you to a website that will plant a virus or spyware onto your computer. It might search your hard drive looking for your personal information, or wait patiently until you log into your bank’s website and then record your keystrokes as you enter your account number and password.
To the untrained eye, it might be difficult to tell which emails are real and which ones are fake. Indeed, I’ve noticed that the quality of phishing emails has improved, unfortunately! It used to be that typos, bad grammar and misspellings were dead giveaways. Now, not only is the grammar perfect, but the email contains company logos (that the scammers have no doubt stolen from the internet) in order to make them appear legitimate.
Fortunately, there’s a foolproof method you can use to tell whether that email is “phishing” for information or is legitimate. Scroll down to one of the links contained within the email and hover your cursor over it (without clicking on it). When you hover, the actual website associated with the link will appear. For example, I received an email today from “American Express”, asking me to confirm my email address. Funny, I don’t even have an American Express card!
There’s a link in the email and I’m supposed to click on the link to update my address. The link says it’s www.americanexpress.com, but when I hover over it, it’s actually something quite different! In fact, the website address has an .uz ending, meaning the domain name was registered in Uzbekistan.
So don’t be fooled by these emails that claim they want to give you a free gift card or are (ironically) trying to warn you about suspicious activity on your account. Use this simple “hover” technique to find out who is really emailing you!