Cybercriminals have been upping their game lately. That was made abundantly clear following the massive Equifax data breach that exposed 143 million Americans' sensitive information.
Now that scammers most likely have access to your personal data, it's more important than ever to be aware of circulating scams. There's a new scam making the rounds that is extremely convincing. Don't be the next to fall for it, your finances are at stake!
Watch out for this tricky phishing scam
Phishing attacks can already be tricky for an unsuspecting victim to spot. That's because criminals create fraudulent emails that can look exactly like a message that would come from a legitimate company.
Then, scammers embed malicious links within the email hoping that the recipient clicks them and hands over sensitive data. Sometimes the malicious links lead to infecting your gadget with malware.
What's happening now is, cybercriminals are using online tools to create fraudulent invoices that really look official. Here's an example of a message containing a fraudulent invoice:
Image: Example of fraudulent invoice being circulated through phishing emails.
As you can see in the example above, people are being enticed to click the "My Documents" link with the promise of money. The message claims that the recipient hasn't collected the $2,500 that is available to them in their account.
Warning! Do NOT click the "My Documents" link. It's a scam.
This is an elaborate phishing scam and unfortunately, many people are falling for it. That's why it's so important that you know how to spot a phishing attack.
Here are some suggestions to avoid falling victim to phishing attacks:
Be cautious with links
Do not follow web links in unsolicited email messages, it could be a phishing attack. Cybercriminals always take advantage of popular websites and trending news stories to try and find new victims. That's why you need to be able to recognize a phishing scam. One thing to watch for with phishing attacks are typos, criminals are typically careless with spelling and grammar. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.
Have strong security software
Make sure you're using strong antivirus software on all of your gadgets. And keep them up-to-date for the best protection. This is the best way to keep your device from being infected with malware.
Set up two-factor authentication
Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It's like the DMV or bank asking for two forms of ID. This adds an extra layer of security and should be used whenever a site makes it available. Click here to learn how to set up two-factor authentication.
Use unique passwords
Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen on one site and you use the same username and/or password on others, it's easy for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
Do not disclose sensitive data
Unsuspecting people are mistakenly handing over sensitive information to scammers all too often. If you receive an unsolicited email, do not reply with personal information. You don't want it to fall into the hands of criminals. If a company that you do business with on a regular basis emails you and asks for personal information, type the company's official web address into your browser and go there directly to be safe.
Note: If you are reading this article using the Komando.com App, click here to see an example of the phishing email.
Speaking of criminals getting creative, scammers will now call you from your own number
With the recent onslaught of robocalls and scams, it's best just to let your phone go to voicemail. It’s a lot tougher to do when your caller ID appears to be from a familiar number or company. But you won't believe this. Scammers are now pretending to be you!