If I promised to put $1000 in your bank account when you give me your login credentials, would we have a deal? What if I were a random stranger stuck in a foreign jail needing bail money? Would you be my benefactor? Your bank, ISP, or social media account has chosen you for a random password verification – just click the link below to continue! Any of these sound familiar? Have you been tempted? Clicked the link?
- 156 million phishing emails are sent.
- 16 million make it through spam filters.
- 8 million are opened
- 800,000 links are clicked
- 80,000 folks are now a victim of the scam
These numbers only represent Canada…and they are mind boggling. It’s not a matter of IF, it’s a matter of when. When will you be a target? You probably already have. The challenge is IF a victim, what do you do?
I'm a victim, what do I do?
First of all, remain calm. Sure, that’s easy to say. You’ve just realized that you may have become a victim of a phishing scam and you're visualizing your life savings fly out the window.
You’ll need to gather details.
- Do you think you have a pretty good idea where the scam originated?
- Was it via email?
- Did you click on a link in that email?
- Did something strange happen while you were surfing the web?
- Did you get a pop up that you clicked on?
- Was it a phone call? A text?
Having a general idea of where the phishing scam came from goes a long way! You should report it and focus on corrective actions. You are, after all, a victim of a crime with the power to fight back.
Now that you’ve collected yourself and have a clearer focus, let’s begin the reporting process. If you have a membership with any of the popular Identity Theft services, you may have the ability to contact them to automate the cancellation of credit cards, ordering new ones, etc.
Depending on what information you’ve provided to any scammer , it's important to contact credit agencies, banks, and any other financial services you do business with. Let them know what happened and how you think it happened. They can provide you with specific instructions.
Contact your ISP as well. If you have reason to believe the infiltration occurred while you were on a social media website, contact them as well. Let them know so they can take action so others don’t fall victim. Once you’ve taken care of those steps, it’s time to clean up the electronic mess.
In a previous posting, I detailed how to report a phishing scam email. These steps outline reporting to services specialized in handling phishing scams at the source – domain registrars, police, managed service providers, and the FTC.
Change your passwords – all of them (you use different passwords, don’t you?). Email, Banks, IRA savings, social media – everything. Update your antivirus and antimalware software. Scan your computers, make sure your smart phone isn’t infected, and share your experience with others so they know phishing scams are real.
There is a movie called Now You See Me (IMDb) that came out in 2013. A team of 3 magicians scam their benefactor out of his security question answers to gain access to his bank account and drain him of millions. By making outlandish statements, having fun, and getting him to think otherwise, the team got his pet’s name and his mother’s maiden name. Pretty clever. Think it only happens in the movies? Think again. Abracadabra! I’ve got your password!