Go Phish?

While going through my Inbox this morning I was concerned to find a notification that I paid a bill for $1136.27, a charge I never authorized. Upon closer look I realized it was a cleverly designed phishing attempt.

The goal of this attack was to trick me to click on a link taking me to a fake website where I would have been prompted to provide some form of credentials, which would have later led to my bank account getting drained or my identity being stolen. This isn't the first phishing email I've received and it won't be the last.

People fall victim to phishing schemes all the time and instead of learning from the mistake of clicking links and visiting fake websites, there are few small details that can tip you off that you might be falling victim to a phisher.

As you can see from the email below, I've highlighted some tell tale signs that this is a phishing email.

1. Lame Greetings- if an email starts with, “Dear User” or “Dear Customer” its probably a scam. Companies you do business with generally know your name, especially if they are contacting you about your account or a payment.
2. Sense of urgency- if the paid amount had been $5.00, I probably wouldn't have been so interested but fraudsters use large sums to scare users into thinking a payment was made on their behalf, mistakenly causing them to seek more information and check out the fake site.
3. Suspicious links- NEVER click links within an email before checking them out. Fraudsters are great at disguising fake or malicious links within text. As you can see I simply hovered over the hyperlink and quickly saw the website didn't link to a Bill Me Later site.

Bill Me Later was quick to respond and update their website with the following information:

• Icon on their homepage to alert users of the phishing attacks taking place
• Tips on spotting a fake email
• Next steps on what to do with the fake email

No company wants to be apart of phishing campaigns but often times they can't help it. Bill me Later is a perfect example of what to do if this happens and with their guidance, I quickly figured out I am not the only one that is receiving these awful emails. Thank you Bill Me Later for letting me know I'm not alone and arming consumers with the information NECESSARY to prevent these attacks.