Updated: Jun 15
When it comes to phishing, it is possible to lose everything with just one click. Phishing scams in the United States caused a loss of $19.7 billion in 2020. The scammers manipulate our emotions. As the capstone article for our Mental Health Awareness contributions, I want you to be informed so you can protect yourself and your lifestyle. -- Peter
When you heard that someone was scammed $12,000 on the internet, what might have gone through your mind? Victim was gullible, greedy, or both? Someone may not be very good with technology? Or perhaps you may think that you will never fall victim to such a scam. Read on to learn the tactics scammers use. Doing so will empower you to recognize their strategies and avoid the situation in the first place.
What is phishing?
Scams begin with phishing - an email, text message, or phone call pretending to be from a reputable source (e.g. Amazon, Microsoft, Paypal, etc…) in order to convince you to reveal personal information.
In the example laid out by Mark Rober in Glitterbomb Trap Catches Phone Scammer, it was an Amazon email telling the receiver they had an uncollected credit, and the company wants to refund it. But in reality, the scammer is trying to connect with you to obtain your personal information such as a bank account or credit card number.
Or, you may receive an unexpected check for $8,000 in the mail. After you’ve deposited the money, someone will call and ask for your bank account information so they can retrieve their $8,000. Next thing you know, your bank account is completely empty.
How to Protect Yourself From Phishing Scams
Scammers are constantly repackaging new ways to perpetrate old ploys. Whether you’re contacted by phone, mail, email, text, or in-person, the following tips provide advice on how to spot a scam.
A Generic Greeting: Since phishing emails are sent out in bulk, they often use generic greetings with no personalization (like “Dear User”) or may skip the greeting all together.
A Deceptive Email Address: Carefully review the sender’s email address, because a phishing attack can be off by even just one letter. For example, an email may be from “firstname.lastname@example.org” in an attempt to fool you into thinking it’s a legitimate message from the Amazon support team. Remember, your brain will fill in missing letters for you -- something these scammers are counting on.
Misspellings or Grammatical Errors: Many phishing emails come from cybercriminals in foreign nations. If the language in any email seems awkward or just not in the normal tone of the assumed sender, treat it with caution.
Request to Update or Verify Account Information: Scammers will often generate emails that prompt you to verify your account information, spoofing well-known and trusted institutions. When you click the link, it goes to a fake login page that is generated to seal your credentials. If you receive a message like this, contact the company directly and not with the information found in this particular email.
A Sense of Urgency: The goal of a phishing attack is to trick you into clicking on a bad link or attachment. Using social engineering tactics, scammers create messages that elicit an emotional, immediate response. This urgency is a major red flag.
Deceptive URL’s: The linked text in an email doesn’t have to represent the true destination. To check the link without clicking on it, hover over the text and the actual destination URL will appear. In phishing emails, the URL may still closely resemble an authentic site so be on the lookout for extra dots or a missing letter.
An Attachment: In the age of phishing, all attachments should be approached with caution, particularly if you were not expecting an attachment. Contact the sender directly before opening.
If an email seems odd or out of character, it is best to exercise caution. Do not click on any links or attachments. If you receive a phone call requesting your bank account, credit card number, or personal information, do not share this information over the telephone. Ask them where they are calling from. Then, do your own research to contact the company directly. Do not use the phone number given to you by the caller. If you suspect there may be foul play, contact your local law enforcement.
What to Do After Recognizing Warning Signs
If you see any of the warning signs above then it's best not to engage with the scammer at all.
If you have concerns about whether a request is legitimate, speak to a trusted friend, family member, or local law enforcement.
If in doubt or if emotions are high, take a pause and get a second opinion from a trusted advisor. There is no harm in waiting a few days so you don’t react and share information with a criminal.
Anti-Phishing Working Group (APWG). The APWG is an international coalition unifying the global response to cybercrime. You can help their efforts! If you got a phishing email, forward it to the Anti-Phishing Working Group at email@example.com. If you got a phishing text message, forward it to SPAM (7726).
National Fraud Information Center. Fraud.org is a project of the National Consumers League. This organization reports fraudulent activity to the federal government and maintains detailed records of fraud incidents. It also provides links concerning whom you can contact within your state for assistance.
Federal Trade Commision Fraud Reporting (FTC). You can report phishing attacks to the FTC. Your report is shared with more than 3,000 law enforcers.
Internet Crime Complaint Center. The FBI and the National White-Collar Crime Center run a site called the Internet Crime Complaint Center. It features many tips and other helpful information about avoiding email scams and what to do if you fall victim to one. It also offers a link for filing a claim against a third party who stole your identity or made an attempt.
Getting Scammed Can Impact Your Mental Health
The repercussions of financial scams and identity theft -- the two primary goals of phishing scams -- can be long lasting. From financial loss to closing compromised accounts and restoring your credit score to working with institutions like the IRS, the stress can be overwhelming.
Low self-esteem, anxiety, and feeling out of control are just some of the emotions victims of phishing scams can experience.
One of the contributing factors that elongate these emotions long after a financial crime occurs is the fear of revictimization. Victims of identity and financial fraud may experience revictimization because their personal information has already been compromised, so there’s a chance that their names are still available on the black market.
Avoid these financial and emotional impacts of fraud by taking preventative measures to protect your personal information from scammers. View emails, text messages, and phone calls from individuals you do not know with a heightened level of scepticism. Look for red flags, monitor your accounts, and seek help if anything seems off.
- - - - - - - - - - - - - - -
About the Author
Peter Newman is a Chartered Financial Advisor (CFA) and president of Peak Wealth Planning. He works with individuals nationwide that have accumulated wealth through company stock, ESOP shares, real estate, or running a business. Peter applies his unique background to help clients achieve their specific goals and enjoy peace of mind.
Peak Wealth Planning provides concierge services to meet your wealth management needs. Services include: financial planning, investment management, esop diversification, retirement income, insurance, and estate planning advice. Peak Wealth Planning is a fee-based financial advisor based in Champaign, Illinois, and Fraser, Colorado.