February 2, 2022

Don't Click That Link


It looks like the bad guys are trying to get people to click on bad email links again. We have certainly seen an uptick in these types of emails. Many people have fallen for these scams. According to Verizon, 32% of all successful data breaches happen because somebody clicked a link they shouldn’t have. This is true even though most businesses have an email filter. The last step of the cyber security chain is the person who decides to click the link. It is important to understand the kind of email attacks sent towards you so that you can avoid them.

What is Phishing?

A phishing email (pronounced like fishing) is an email that tries to deceive you for various reasons. They attempt to get you to disclose information you should keep private, such as your passwords or banking information. The email often appears to be from a person or business that the victim trusts, which makes these messages dangerous.

If you receive an email asking for your date of birth, social security number, phone number, credit card information, home address, or password information, delete it immediately. If you click a link in an email that takes you to a web page that asks for that information, close the webpage right away. If you are not sure, give the company a call and ask them if the email is real or not. Chances are it is a fake.

Don’t just trust the email because it looks real. It is extremely easy to steal a company’s website, including logos and other information, make a few changes, and upload it to a criminal-owned website. When the victim enters information into this website, they give the criminals their personal information.

Criminals will use this information to impersonate their victims. They might use this information to apply for credit cards or other loans. They may perform a more targeted attack requiring personal information, such as filing fake tax returns with the IRS in your name, called spear phishing. Several variations of these attacks include sending fraudulent text messages and social media requests (smishing). Another popular method is to leave phony voice mails (vishing).

Despite their somewhat amusing names, these are all dangerous messages on various platforms that need to be avoided. These messages often threaten to deactivate an account, such as your ITC email account or claim that you are the victim of credit card fraud. Other messages might ask you to transfer funds for family members or coworkers in jail. Others will tell you that your delivery needs to be rescheduled and provide you with a link to click on. None of these messages are real, and they should be deleted immediately.

Remember, as tempting as it might be, don’t click links on emails you weren’t expecting, and don’t enter any personal information into a website that was emailed to you. If you believe that you are the victim of an Internet crime, you should change your passwords immediately. You can also contact the FBI at https://www.ic3.gov/ and file a complaint and get more information.