More on Phishing

More on Phishing: a reader asks…

Hi Chris, I’ve received an email from Paypal that says my account has been limited in service. It gives a transaction number but I don’t recognize any of the details. What should I do?

You have been subjected to a phishing attempt by some nefarious hacker, and the email is a fake. You sent it to me, so I’ve pointed out the two areas where you can quickly tell that it’s a fake:

1. The email comes from a URL that isn’t paypal.com (it’s apaypal.com, similar but not the same company).
2. The link they give you to log into your paypal account is not a paypal.com URL

Phishing is defined by Google as:

the activity of defrauding an online account holder of financial information by posing as a legitimate company

I would extend that definition to include any attempts to portray yourself online as someone other than who you are. There’s a lot of fake email running around the internet (some would say the majority of all email is fake). Same for fake websites. Often the URL is very close to the legitimate business, such as Paypal.com but with the url paypaol.com or payil.com or apaypal.com, or wellsfargo.com but with the url memberservice.com. The sad fact is that it’s impossible for a consumer to verify who actually sent an email, so my recommendation is to treat all email as potentially fake. Never open an email from a business unless you’re expecting such, never click on a link in an email, and never respond to any unsolicited email.

The hyperlinks in an email (or on a website) are absurdly easy to fake. Here’s a (safe) example:

• http://www.google.com as you read this it says it’ll take you to google, but I’ve made it really point to my own website
• https://positek.net and this one actually points to Google.

So never click on links, even though they are very handy and easy. Your best bet is to open a web browser and type in the URL to where you want to go. Clicking on a link can easily take you someplace unsafe, and that’s all it takes to infect your computer with malware, adware, spyware or a virus. Remember that your protection programs really are only good at protecting you from bad stuff that’s already been discovered, not new bad stuff. And new bad stuff is coming out daily, the hackers are working very diligently to mess you up – check out this article and see if your computer has already become a ‘zombie’.

And for you Apple Mac users (or any tablet or smartphone), don’t think you’re immune, phishing doesn’t matter what kind of computer you use, it’s a social engineering type of hack that gets you to divulge your personal information (login username and password, account numbers, etc.). Same for any computing platform – you need to be very wary of email. Email is an old system that was never designed for security, and the hackers have been capitalizing on that ever since the first email was sent. Just sayin…

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

(@PosiTek)

(Support@PosiTek.net)

using any credit card

or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!