It has become increasingly easy to become a victim of credit card fraud. In the past, protecting your credit card numbers and bank accounts was relatively simple, but today’s cyber criminals employ sophisticated scams — the devious practice known as “phishing” — designed to steal your account credentials, gaining access to your finances, creating identity theft nightmares for you and your business. I offer this article as an overview of one of the most common fraud techniques and how not to fall victim to it: fake emails.
One of the earliest forms of phishing, and still one of the most prevalent, is the use of official-looking emails to trick you into clicking on a link leading you to a trap. The sender will purport to be from PayPal, or your bank, or another major bank, or perhaps an eCommerce site such as Amazon.com. The email will even incorporate their logo. The message will typically be addressed to “Dear Customer”. (The fact that it is not addressed to your actual name is a red flag.) The message will indicate that there is a problem with your account that needs resolving, or there is an important security alert. You will be asked to click on a link which takes you to a fake website that is convincingly similar to the official website, where you will be asked to fill provide personal information such as your credit card number, expiration date, and security code (CCV). Even worse, some emails may include a form in the actual email. NEVER fill out a form in an email.
So how do you protect yourself from credit card phishing? The first line of defense is good security software. Every computer in your business and your home needs to be protected with a top quality — and updated — anti-virus program and spyware remover. Your email client should have a spam-filter. These are the baseline software protections, but there are only a backup. Equally important is the continued use of common sense. Be suspicious and if you have any doubts about links in emails, do not click on them. Do not communicate with PayPal, your bank, or your credit card issuer though any unverified means. If you need to contact these agencies, call the number on the back of the credit card, or type their URL directly into your browser.
Here are a few additional tips to avoid becoming a victim of cyberfraud:
- Never respond to unsolicited e-mail (spam).
- Never click on links contained within an unsolicited e-mail.
- Only open email attachments from known senders. Scan the attachments for viruses if possible.
- Compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site.
One final word of advice: if you think you have been the victim of a phishing scam, contact the credit card issuer immediately, then contact a computer maintenance professional to inspect your hardware for malicious software you may have inadvertently downloaded.