Phishing & Spam

Upload: randolph-miles

Post on 29-Dec-2015


Phishing

Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well-known and trustworthy Web sites. Web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, Best Buy, and some banks. A phishing expedition, like the fishing expedition it's named for, is a speculative venture: the phisher puts a lure out hoping to fool at least a few of the prey that encounter the bait.


Spam is most often considered to be electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited email. However, if a long-lost brother finds your email address and sends you a message, this could hardly be called spam, even though it is unsolicited.

Real spam is generally email advertising for some product sent to a mailing list or a newsgroup.


What is a spam (junk mail) offer?

Spam is unsolicited (or junk) electronic messages sent by email, SMS, MMS or instant message. Spam messages can offer free goods or ‘prizes’, very cheap products (including pharmaceuticals), promises of wealth or other offers that could result in you taking part in a scam. You might be asked to pay a joining fee, to buy something to 'win' a prize or some other benefit, or to call or text a 1900 telephone or fax number.

(Note: calls made to these numbers are usually charged at premium rates.) So be very wary of the cost of calling any 1900 telephone number.


Spam Cont’d

You may find that malicious software like spyware or key-loggers has been downloaded onto your computer. You may find you are bombarded with more spam messages. Your credit card numbers or other personal details may be stolen. You may send away money for something that never arrives or is not what you thought it would be.

Spam messages can offer you anything and everything, from fake university degrees to pirated software and counterfeit designer watches. It pays to be suspicious: delete unsolicited emails and ignore spam-type telephone calls.


Spam Warning signs

You receive an unsolicited email that contains:
• an invitation to participate in any type of lottery or sweepstake
• an offer of uninvited gifts or goods from any source
• an offer from overseas
• a request to pay a fee to receive more 'benefits' from the same provider
• an offer from an unregistered lottery
• an offer of special benefits (e.g. wealth, love, health)


Warning cont’d:

Phishers, spammers etc. ringing you or knocking on your door can sound very, very genuine, and they may be male or female, but they really are just out to try and con you out of your money etc.

What are some of the things these terrible con people want from you?
• To talk you into giving them your personal information or access to your computer.
• To steal your identity by offering a free iPad or similar for a copy of your driver's licence, birth certificate etc.
• To get your credit card details so they can use your card to get cash or buy items, all of which costs you money.
• To get your bank account details to get at your money.


Do not call register

Are you registered with the Do Not Call Register? Remember, even if you did register, you need to do it again, as the first registration was only valid for 3 years. The second registration is valid for 5 years. Call 1300 792 958 to register, or to check if you are currently registered for your home number and/or your mobile number.


Some examples to consider.

Phone calls or letters telling you that you have won a raffle prize, or telling you that you have lottery winnings to collect, are a con! Don’t fall for it!
• Unwanted mail appearing in your letter box
• Unwanted e-mails coming into your computer
• Unwanted phone calls telling you your internet is too slow or your computer has a problem, and they offer to fix it for you online. DON’T accept! Tell them you don’t have a computer!!

Unwanted phone calls from people saying they are from, e.g., the Australian Tax Office, or from a bank (e.g. Westpac), or from Telstra, QANTAS or Virgin airlines etc. All these types of calls are very suspicious! Just say “I’m not interested” and put the phone down!!!


A selection of recent examples of “spam and phishing” stories published in the “Black and White” page in the Herald Sun


So what should you personally do if you get any of these approaches?

• Call Scamwatch on 1300 795 995, or just hang up if you get an unwanted phone call. Don’t engage in conversation!

• Ignore anything that sounds too good to be true!!! Because it generally isn’t true, be it attractive-sounding offers over the phone, in the mail, or over the internet etc.

E.g. a phone call from someone who says they are from the bank might intrigue or interest you, but you are not sure, and you might say you want to ring back to your bank to be sure. Whatever you do, don’t ring back to any phone number the caller gives you. Most important!

Look the phone number up yourself. So much safer!

Just remember, banks don’t just ring you or send you emails. Your bank will never ask you to send your passwords or personal information by mail.

Never respond to these questions, and if you have the slightest doubt, call your bank directly for clarification.


General tips:

2. Consider using the Block sender facility on your computer, if you use one, for repetitive spam.

2A. Use the BCC line when forwarding / sending e-mails to many contacts. Try and avoid using the To line.

3. Fake email address (temporary email, disposable email): almost never get any additional spam email. Use a fake email address account to hide your personal email address. Such an address can be a Hotmail account or a temporary email address like our service at www.myTrashMail.com. The major difference to your personal email address is that you use this "fake email address" only once. By not disclosing your personal email address and using a temporary email service like www.myTrashMail.com


General tips cont’d

If you have and use a credit card:

1. Don’t let it out of your sight when using it to pay for something. And if you do happen to not be able to see it properly when it is in someone else’s hands, check that it really is your card that is being handed back to you.


Tips to prevent Phishing

Here are a number of tips to prevent phishing attacks:

1. Learn to Identify Suspected Phishing Emails
There are some qualities that help identify an attack through an email:
• They duplicate the image of a real company.
• Copy the name of a company or an actual employee of the company.
• Include sites that are visually similar to a real business.
• Promote gifts, or the loss of an existing account.

2. Check the Source of Information from Incoming Mail

Your bank will never ask you to send your passwords or personal information by mail. Never respond to these questions, and if you have the slightest doubt, call your bank directly for clarification.


Tips to prevent Phishing cont’d

3. Never Go to Your Bank’s Website by Clicking on Links Included in Emails
Be wary of clicking on hyperlinks or links attached in the email, as it might direct you to a fraudulent website. Type in the URL directly into your browser, or use bookmarks / favourites if you want to log in faster.

4. Enhance the Security of Your Computer
Common sense and good judgement are as vital as keeping your computer protected with a good antivirus to block this type of attack. In addition, you should always have the most recent update on your operating system and web browsers.


Tips to prevent Phishing cont’d

5. Enter Your Sensitive Data in Secure Websites Only
As stated previously, in order for a site to be ‘safe’, its address must begin with ‘https://’ and your browser should show an icon of a closed lock.

6. Periodically Check Your Accounts
It never hurts to check your bank accounts periodically to be aware of any irregularities in your online transactions.

7. Phishing Doesn’t Only Pertain to Online Banking
Most phishing attacks are against banks, but phishers can also use any popular website, such as eBay, Facebook, PayPal, etc., to steal personal data.


Tips to prevent Phishing cont’d

8. Phishing Knows All Languages
Phishing knows no boundaries, and can reach you in any language. In general, phishing messages are poorly written or translated, so this may be another indicator that something is wrong. If you never go to the Spanish website of your bank, why should your statements now be in this language?

9. Have the Slightest Doubt? Do Not Risk It
The best way to prevent phishing is to consistently reject any email or news that asks you to provide confidential data. Delete these emails and call your bank to clarify any doubts.


Summary

To be safe, just ignore or hang up on unwanted phone calls,

delete unwanted e-mails or SMS messages,

or if you feel obliged to respond in some way,

I’m not interested!!!


Have a nice day!

Bryan Paten July 2015