Cybercrooks keep finding new ways to better their phishing tools and cyber-savvy users can get caught in phishing scams if they don’t pay close attention to the signs and signals that something isn’t quite right. Reviewing the most pervasive phishing scams is always recommended because an educated user can be the best tool against phishing fraud.

Email Phishing is currently the most popular type of phishing lure that lurks in almost every inbox. Heritage Grove has seen an increase in Amazon and PayPal phishing scams affecting credit union members. If you receive an Amazon or PayPal e-mail which includes a link, do not click on the link. Login directly to your secure Amazon or PayPal account to resolve any issues.

So what should you be looking for? Fake domain names and redirected URL’s are just a few ways phishing emails get opened and acted on. The subject line and content are designed to get a response and gain the trust of recipients by appearing legitimate. Sneaky crooks use every trick in the book to scam their way into your trust, hoping you’re not paying close attention to detail.

Closely examine URL’s, including spelling. Fraudsters transpose, add, and delete letters to sneakily misspell a web address that brings you to a bogus, exact duplicate website solely created to dupe users into believing it’s what they’re expecting to see. Subtle details like leaving the “s” off of “https” in the URL is another red flag.

Avoid clicking links or opening attachments in emails. Instead, type the true URL for the website yourself because links can easily and quickly redirect you to bogus websites and attachments can be loaded with malware. Be sure to not misspell the domain to avoid Typosquatting attacks. Typosquatting takes advantage of incorrect spellings for URLs, or typos a user makes without realizing it. Rather than use a browser to connect to websites, hackers are sitting on misspelled websites just waiting for a bite. The most minor deviations in spelling can bring you to a look-alike, spoof website, many of which disappear immediately after stealing your payment card and other information.

If you receive an Amazon or PayPal e-mail, stop and ask yourself…Have I placed an Amazon order recently? If yes, login directly to your Amazon account to check your order status and resolve any order issues. Have you paid by PayPal recently? If yes, do the same thing. Login directly to your PayPal account to check your payment status and resolve any issues.  Remember…Any personal information, including credit card information, billing/shipping address and contact information should be updated directly through their secure website and not through a link or URL provided in an e-mail.

If you have any questions or think you may have been a victim of a phishing scam, please call Heritage Grove at 503-588-0211.