Subj : Phishing Signs
To   : All
From : Daryl Stout
Date : Tue Mar 01 2022 00:01:38

Phishing is the fraudulent practice of sending emails that appear to
be from a reputable company, with the goal of getting you to share
sensitive information. Often, the targeted information includes login
credentials, credit card information, bank account details, or other
personal information. You may be less familiar with spear-phishing,
which is a highly targeted form of phishing. Unlike a general phishing
attack that casts a very wide net (sending generic, mass emails), a
spear-phishing attack is personalized with specific details about the
message's recipient.

Spear-phishing attackers may gather personal information from your
social media accounts, or the dark web, to create messages that appear
to come from trusted sources -- like companies or even individuals that
you know. They use these personal details to trick you into taking an
action that could cause you to share even more personal information.
Most frequently, the attacker suggests clicking a link or downloading
software that contains malware or spyware, which could compromise your
personal and account information, potentially including financial and
banking accounts.

Think of unknown emails, texts or phone calls as someone at your door.
If you don't recognize them, and would not readily let them into your
house, then don't invite them onto your phone or computer.

Here are some tips to check if an email or text is legitimate, and
how to deal with unsolicited emails, calls and texts.

Hover over the "from"  email address to see the full address, and
make sure it is one you recognize and trust.

Look for domain names that are slightly different or misspelled. For
example, an attacker might send emails from domains you are familiar
with, but the address will have a slight misspelling from the actual
website.

Legitimate companies will NEVER ask you to send sensitive information,
such as passwords, bank account information, social security numbers,
date of birth, or medical information in an email, chat session, or
support call.

They will NEVER ask you to type your username or passwords into any
website, outside of their websites, web apps.

If you get a call from a company you deal with, or any government
agency, tell them nothing, instead offer to call them back. Get their
number and a name.  THEN verify the number given against information
you already know about the company.

You can also check phone numbers at several sites to see if they have
been listed as scam call numbers.

https://www.fraudnumber.com

http://badnumbers.info

https://www.scam-detector.com/article/phone-number-finder.

More ways to stay safe

Few people still pick up phone calls from unknown numbers, but if you
do, you need to listen closely to what the person on the other end
says. If you receive a call and immediately hear the phrase "Can you
hear me?," hang up.

The phrase is used to coax you into saying "yes," a word that, if said
in your voice, is as good as gold for con artists. They can then use
your voiced word to say you agreed to give them money, or use your
credit card for a purchase.

Do NOT click on links or attachments in emails or text messages from
senders that you do not recognize. Delete the text/email, and then
contact the company from information you have in your files.

When you "hover" over an email address, if any part has a jumble of
letters or characters, it is likely a phishing address.

Be especially wary of attachments like .zip or .pdf and particularly
of executable file types (like those that end in .EXE). If you do not
know the sender personally, you should never download or click these
attachments.

Do not provide sensitive personal information (like usernames and
passwords) over email.

Do not fall for messages that claim to be "urgent" or "time-sensitive".
Often, scammers will try to scare you into sharing your personal
information. Always take time to verify the identity of the requester
and remember that Quicken and other reputable businesses will not ask
you to provide sensitive information over email or over the phone.

Pay attention to even seemingly harmless requests. A common ploy
scammers use is emailing you a link to do something like change your
account password. The link, in reality, will download malware or
spyware.

Do not open any document that you're not expecting to receive.

If you can't tell if an email or text is legitimate, err on the side
of caution and delete it. You can always call the business directly
with any questions or concerns.

Here is a link to the consumer fraud page to read about the most
current scams in the field today.

https://www.consumer.ftc.gov/taxonomy/term/874
                                                                                                                                            **********************
--- SBBSecho 3.14-Win32
 * Origin: The Thunderbolt BBS - Little Rock, Arkansas (454:1/33)

.