How To Spot An E-Mail Phishing Scam In 5 Seconds

phishing.gif

Here is a sure-fire way to spot an e-mail "phishing" scam in 5 seconds. Look at the attached scam email that came in to my inbox today.

You know it's 99.9% a scam when...

1. The fact that you get any kind of unsolicited e-mail purporting to be from your bank, credit institution or other agency that states that requires you click a link to "update" your information to unlock, unblock your account etc. In other words, an email that you did not request or expect by email after clicking on a "forgot my password" or similar link from that institution.

2. You see a link in the email that entices you to click on it to update your details. When you hover over that link, you see that it actually points to some other location other than the location is is showing you.

If you are curious and click the link, you may not even have to fill out the fake form fields that ask for every possible bit of personal information you might be able to provide. Just visiting one of the compromised servers that host the clone web page can infect an unprotected visitor with spyware or malware that can slurp up details from your PC even if you don't participate in their ruse!

In this case, when I click on the link (from my secure and protected virtual machine), I land on a page that looks identical to AMEX and then asks me to login. I can put ANYTHING in the username and password boxes, then I get a page that asks for every conceivable bit of personal information possible. I if actually complete the form and gave the scammer all those details, I would have become a victim of identity theft, credit fraud and heaven knows what else, until death. Most of the details like my Social Insurance Number, date of birth, parents names etc will never change.

Here is short video I produced that shows how this scam plays out.

http://www.police.midland.on.ca/news/video-how-protect-yourself-phishing...