Hawaii’s Better Business Bureau (BBB) is educating consumers about phishing scams that are making the rounds, trying to obtain account information.
Thieves are counting on people anxiously awaiting to receive their packages and deliveries before Christmas.
“Scammers are sophisticated and can create realistic looking websites and emails that appear to be from legitimate businesses in order to obtain your personal information,” says Gregory Dunn, president and CEO of BBB Serving Hawaii. “It could be as simple as a slight misspelling of a word to trick viewers into believing they are being contacted by the actual business.”
Here’s how the scam works:
You receive an email that appears to be from Apple, Amazon, FedEx or some other reputable company.
The email prompts viewers to download an attachment or click on a link that will ask them to enter their account information, to “verify” their account, or regain access to their account.
In some cases, viewers have been asked to also provide their credit card information and other personal and financial information.
But by clicking on the link or opening the attachment, malicious malware is instantly downloaded onto the user’s device, compromising any personal information stored on that device.
You can protect yourself. The BBB offers the following cybersecurity tips:
- Don’t believe what you see. Scammers can easily copy a real business’ colors, logo and even email address. Look for slight misspellings of the business’ name or slight differences in the logo or URL.
- Hover over links to check their source. Place your mouse over hyper-linked text and the true destination will appear. If you don’t recognize the website destination, don’t click on it.
- Look at the email address that it comes from. Scammers will usually use a “From Name” that looks valid, but if you look at the actual email address that it comes from, you can see that it’s not from the company’s main domain.
- Be wary of unexpected emails that contain links or attachments. Do not click on links or open the files in emails unless you know sender and are expecting it.
- Watch for poor grammar and spelling. Scam emails often are riddled with typos and usually indicate that English is not the writer’s primary language.
- Ignore calls for immediate action. Scam emails try to get you to act before you think by creating a sense of urgency. Remember, if it has to be now, it has to be no.
- Update your antivirus. Regularly updating your security software and firewall will go a long way in protecting your computer should you happen to click on a malicious link.
- Call the company to verify the email. If you’re unsure about whether an email is suspicious, look up the company’s official website and call them directly to confirm they actually sent the email. If they can’t verify the email and its details, you know it’s a phishing scam.
- Report it. If you receive a phishing email from Apple, forward the email to firstname.lastname@example.org. To report other suspicious emails from Apple, check out Apple’s other resources when it comes to phishing and other suspicious emails.