Your bank emailed you… or did they? What does an email from a cyber-criminal look like compared to your bank? For example, Bank of America.
The email above LOOKS so authentic…
What is RIGHT?
- Bank of America logo looks real.
- Color and style of email is similar to Bank of America’s customer emails.
- Return email address is one of those used by Bank of America.
- Website appears to be a Bank of America website.
What is WRONG? (You need to watch for this information.)
- The formatting of the email is not correct.
- The typeface of the P.S. is different.
- The signature is BOA Member Services Team, which is not used today.
- The copyright is BOA LLC, not Bank of America.
The more sophisticated thieves direct you to a website that looks like your bank. See the example below. Do you know how to recognize it is a hoax designed to capture some of your private information?
One way / ANSWER: ALWAYS look at the domain name address. Make certain you are confident it is correct. If it appears to be suspicious, then do not proceed.
All of the other aspects explained below about email phishing also apply to a website. These are relatively simple ways to confirm what you click on is safe.
Ways to identify phishing and spoofing emails include:
- Links that appear to be from your bank… but are NOT – Test any link by placing your cursor it, but do not click. Your email program should display the destination URL. Does it match the correct web address to your bank? If not, you can search past emails you have to see if it is another domain name used by your bank.
- Urgent requests – Banks do not threaten to close your account if you fail to respond to an email.
- Warnings about system and security updates – Banks may inform you of pending system upgrades and/or security updates, but they do not require any personal information from you to complete these changes.
- Requests for personal information – No reputable bank ever asks or demands that you reply via email with your personal information, such as your driver’s license #, Social Security #, ATM or credit card #, PIN #…
- Do NOT fall for “the deal” – Banks are not hucksters. They do not push you to ask you to do something and in return you get a huge payoff. They do not pay you to complete surveys. They do not ask you to do anything that requires you to enter your account number, PIN…
- Obvious typos, grammar, and formatting errors – As mentioned above, although cyber thieves are smart they still seem to make mistakes in their email requests. However, be warned: Today, the mistakes they make are rare. The phishing emails and websites now online posing as your bank can be very convincing. You may have to choose safety over timeliness.
- Someone once said, “Assumptions are the mother of all mistakes.” Do not assume your computers, mobile devices, and networks are secure from phishing, ransomware, and other cyber theft attempts. Confirm
Business Needs: If you are concerned about these risks for your business or nonprofit, then don’t wait. Email Marc Wishnow or call (212) 642-0980 to schedule a free, no obligation conversation. Marc is a senior consultant with a wealth of knowledge about cyber security. He can help you assess your risk, and for a limited time, even provide a free network security assessment if you like.
Personal Needs: As an individual concerned about an email you received you visit, a good approach is to call your bank to confirm if they sent the email or directed you to a website.
THE GOOD NEWS
You can avoid most phishing scams and other hacker attacks, including ransomware. The only solution is to fully protect every computer, mobile device, and network of your organization with the latest anti-virus, firewall, and other applicable security tool.
The most cost effective way to do this is to have your systems kept secure daily by a professional I.T. security firm like us, a reputable, 15-year-old Maryland & DC Beltway team of computer experts providing IT security and managed services to businesses and nonprofits.