Joe Marullo Insurance & Retirement Services
16818 Doverwood Way
Houston, Texas 77058
The IRS published its top scams to help the US Taxpayer avoid being taken advantage of and cheated. One of the biggest scams and one that has grown in its use is Phishing. Let's start with the basic definition of Phishing and how harmful it can be.
According to the IRS. "Phishing scams target individuals with communications appearing to come from legitimate sources to collect victims' personal and financial data and potentially infect their devices by convincing the target to download malicious programs."
We called these people criminals; now, of course, we have selected a section of these lawbreakers and renamed them: Cybercriminals.
Thieves, criminals, cybercriminals all are after the same thing, your money. The process usually starts with some communication designed to lure you into "clicking" on a link or a text. This allows the "bad guys" to access your electronic device, learn more about you, and generally find the "key" way to your money or banking accounts. Emails and texts are not their only tools; these "slime balls incorporate all sorts of social media posts or messaging."
On the surface, these schemes look legitimate, and they can be tricky to detect. Many are cleverly disguised as an official-looking message, mimicking the IRS and other authoritative government departments. If you receive one of these inquiries, do not be afraid, help is found in many places. The first rule is to never respond (click) to anything that scares you or looks like it might be official. The IRS does not use email to communicate with you regarding any tax that may be owed. The IRS uses the US Post Office for their communication.
One large Phishing effort is tied to our government's recent stimulus checks program. But once you click on that link, you're sent to a spoofed website that might look nearly identical to the real thing, like your bank or credit card site, where you are enticed to enter sensitive information like passwords, credit card numbers, banking PINs, etc. These fake websites are used solely to steal your data, which is sold to other sources who use it to access your funds and assets.
Like all things, Phishing has evolved and grown more seductive with new and various variations and techniques.
For an attack to be successful, it must complete three steps:
During each of these steps, there are defenses you can implement to thwart the attack.
Here is a link to Carnegie Mellon University Software Engineering Institute: Defending Against Phishing (cmu.edu)
Does this all seem hopeless? I know in a way it does, but you have the ultimate solution. Don't open unknown emails, don't click on links you are not sure of, and ask for help. Together we can stop these creeps and let them Phish where they should be, in the Big Tank!
Safe Money insights and tips sent to your inbox twice a month.Sign Up Now!