Tag Archives: phishing scams

Stay Safe Online – Part 1

Just this morning we read that 100% of attacks on computers are criminal in nature. What does that mean? Simply that hackers aren’t out just to have fun, they are actively trying to steal your personal information. It’s not only personal computers that are under attack. Read this story about how a major Canadian bank was scammed out of $87,000.00: Bank of Montreal Gets Scammed  Once you read the story, you’ll see how all of this started. The customer’s email account, which had been hacked, was used to initiate the process.

We’ve written posts about how you can protect your email account(s). Here’s a link that shows some of them: Email Password Protection Make sure you read as much as you can about using a strong password as well as how to enable two-step authentication. For that matter, make sure you use multi-level authentication for virtually everything you do online. Most email providers as well as banks, social networks and financial institutions already require this. Make sure you take advantage of it.

Enough preamble, let’s get to a new type of scam that you might fall prey to. This involves Google Maps. Bear with us while we explain how it works:

1. If you run a business, you can put your location and business information right there on the Google map of your city, complete with your street address, your logo and your phone number. This is where the danger is, that phone number.

2. Hackers have found a way to install fake telephone numbers in Google Maps. Let’s say you’re looking for a bank branch in another city. It’s easy to check a bank’s name, just type it in and you’ll immediately see little flags all over the map. This works for anything, restaurants, hardware stores, police stations, etc. Here’s an example of the information you might see:

Photo of Bank Address from Google Map
There’s the bank’s number. Wait, is it a real number or a scammer’s number?

 

 

 

 

 

 

3. Before you call the Citibank number, it might be a good idea to check the number somewhere else, let’s say on Citibank’s real website. Use the map for the location but NOT for anything else. This doesn’t apply only to banks. Here’s a link to the story explains the exploit and how several people thought they were calling the FBI but were really calling a hacker, this time an honest one:

FBI and Secret Service Calls Intercepted by Google Maps Exploit

These are a few things to watch out for when you’re online. In our next post, we’ll get into a bit more depth on these scams and how you can protect yourself from them. Stay tuned. In the meantime, ask questions or comment below or on our Facebook page.  Here is the link to it:Computers Made Simple on Facebook.

Thanks for reading!

________________________________________________

Here’s a link that might help us if you are interested in hosting your own blog with Fatcow Hosting. We’ve signed up to become an affiliate and we make a bit of money if you sign up for hosting via this link: FatCow Hosting Thanks!

 

 

Avoid Phishing Website Tricks

We had a curious experience this week that made us realize how easy it is to be tricked by an unscrupulous website. Here’s how it happened and here’s what you can do about it:

1. When you are on a Facebook page, you’re usually quite safe, right? It’s when you click on a link in a comment or beside a photo that you might get into trouble. Here’s an example of what we’re talking about:

Photo of Phishing Tricks  1
The photo itself isn’t the link, the blue line is.

In this case, you can click on the photo to enlarge it or you can click directly on the link. Where does the link lead? We don’t know, do we. The link has been shortened. When a link looks like this, you have to ask yourself, “Is this safe to click on?” In spite of the fact that we know and trust ‘Home Design’, how do we know their account hasn’t been compromised (hacked)? We don’t. Is it worth clicking the link? Better not.

2. Here’s an example of a safer link:

Photo of CBC Url.
The CBC uses full links, not shortened ones. It’s obvious where this link leads.

Just for extra security, hover your mouse over any link on a page then look down at the bottom of your browser window. The real url of that link will be shown there. Like this:

Photo of Phishing Tricks 3
Here is the real URL of the link, in this case it’s the same as the link in the CBC post.

3. Next, the phishing attempt. You’re already on Facebook. You know that. When you click on a link and the page that comes up happens to look like a Facebook page and asks for your password, wouldn’t that set off your warning alarms? Facebook knows your password, you are still logged into it. Why would they be asking for that password again? They’re not. The link from Facebook led to a page that only looks like it belongs to Facebook. Look up at the top of your browser window. This is what you should see if you are still on a Facebook page:

Photo of Phishing Tricks 5
Make sure the url reads: https://www.facebook.com

4. The above information is for Facebook but this also applies to your email, Twitter, Instagram and other accounts that you must sign in to use.

TIP: When you find yourself on a page that asks for your password, close your browser, reopen it and type in the URL yourself. If you happen to click on a link in an email and a page opens that asks for a password, close the tap, open another one and type the address that you want at the top.

We hope we’ve given you some useful tips about how to guard your identity online. There are many different ways that unscrupulous people can get access to your different social networking accounts. If you have questions or tips about this yourself, let us know.

Thanks for reading.

 

What is Phishing

Phishing is a new word but it’s very popular these days. What does it mean? Phishing is an attempt to trick people out of their social network or email passwords. Here’s now it works.

This morning, a company that we follow on Twitter sent us a direct message. A direct message on Twitter is much like an email between two Twitter users. Here is what the message looked like:

Photo of a phishing direct message on Twitter.
Check the spelling. Pretty obvious that this isn’t something that a company sent.

 

How would you know this is a phishing attempt? This direct message has a link in it, that’s a key give-away. Also, check how Lick’s used ‘u’ instead of ‘you’. Would a company send out a message with bad grammar in it? That is a second clue. Third, this message was received on Twitter. Why would Lick’s include a link to Facebook in a direct message on Twitter?

Don’t EVER click on a link in a message like this. What happens if you do? If you do click on a link in a phishing email, you will be taken to a page that looks very much like a Facebook or Twitter page. That page, which isn’t a real Facebook or Twitter page, will ask you to log in to your account. Because the page is extremely well made and looks identical to a Facebook/Twitter log in page, people often log in. At that point, the fake page steals your account, changing the password as it does, and starts sending out messages or posts using your name.

Since it seems that these messages are coming from you, your friends click on the link in the message and the fake site gets even more passwords. The circle gets much larger with each click.

Sometimes these links lead to sites that install software on your computer that will steal your personal information, your banking passwords, things like that. Everyday there are new phishing emails sent out, new phishing posts on Facebook and Twitter and, unfortunately, new users who are tricked into clicking on the links. Watch out for this trickery, folks.

Thanks for reading!