Go Phish?

While going through my Inbox this morning I was concerned to find a notification that I paid a bill for $1136.27, a charge I never authorized. Upon closer look I realized it was a cleverly designed phishing attempt.

The goal of this attack was to trick me to click on a link taking me to a fake website where I would have been prompted to provide some form of credentials, which would have later led to my bank account getting drained or my identity being stolen. This isn't the first phishing email I've received and it won't be the last.

People fall victim to phishing schemes all the time and instead of learning from the mistake of clicking links and visiting fake websites, there are few small details that can tip you off that you might be falling victim to a phisher.

As you can see from the email below, I've highlighted some tell tale signs that this is a phishing email.

  1. Lame Greetings- if an email starts with, “Dear User” or “Dear Customer” its probably a scam. Companies you do business with generally know your name, especially if they are contacting you about your account or a payment.
  2. Sense of urgency- if the paid amount had been $5.00, I probably wouldn't have been so interested but fraudsters use large sums to scare users into thinking a payment was made on their behalf, mistakenly causing them to seek more information and check out the fake site.
  3. Suspicious links- NEVER click links within an email before checking them out. Fraudsters are great at disguising fake or malicious links within text. As you can see I simply hovered over the hyperlink and quickly saw the website didn't link to a Bill Me Later site.

Bill Me Later was quick to respond and update their website with the following information:

  • Icon on their homepage to alert users of the phishing attacks taking place
  • Tips on spotting a fake email
  • Next steps on what to do with the fake email

No company wants to be apart of phishing campaigns but often times they can't help it. Bill me Later is a perfect example of what to do if this happens and with their guidance, I quickly figured out I am not the only one that is receiving these awful emails. Thank you Bill Me Later for letting me know I'm not alone and arming consumers with the information NECESSARY to prevent these attacks.

Related Articles

How Digital Identity Fights Election Fraud

Learn how bots and trolls influence election fraud and how TeleSign uses digital identity to fight back by removing fake accounts from social platforms.

Learn more

SIM Swap & Digital Identity: Why More Layers of Security are Key

TeleSign chronicles how a SIM Swap attack works, and how social engineering can make it so easy that a young teenager was able to do it.

Learn more

Month in Hacks January 2020

Learn about every hack and breach that took place in January of 2020. Contact TeleSign to learn how to protect your business from fraud.

Learn more

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.

PRODUCTS

ScorePhoneIDSMSVoiceVerificationRCSPhone NumbersNumber Masking

INDUSTRIES

Financial ServicesGamingeCommerceSocial NetworkingOn-demand Services

USE CASES

Streamline Account RegistrationAdd Two-factor AuthenticationKnow Your CustomerPrevent Account TakeoverReduce Fake AccountsCustomer EngagementDeliver Appointment & Event RemindersBuild Two-way CommunicationsEstablish Trusted IdentitiesHost Peer-to-peer CommunicationsVerify Phone NumbersSend MessagesMinimize Fraudulent TransactionsEnable Secure Account Recovery

RESOURCES

DeveloperBlogResearch LibrarySupport

PARTNERS

TRY OUR APIs

COMPANY

AboutCareersPressEventsContactCustomers

NEWSLETTER

© 2021 TeleSign

/

Terms & Conditions

/

Privacy Notice

/

Privacy Whitepaper