Phishing Alert

ALERT
High Levels of Phishing Attacks

We're seeing a high volume of phishing scams this week, including messages purporting to be from Chase, PayPal, Ebay, Verizon, and AT&T.

A phishing scam is an urgent-sounding email that tries to get you to click on a link, supposedly to log in to your online banking, credit card or other account. But the link actually takes you to the scammer's website, which will record your username and password to steal your identity, your money, or worse.

Sophisticated Recent Attacks

These attacks are becoming more and more sophisticated. Here are two recent examples that look legitimate:

Click the thumbnails above to see full-size images
(which also show the actual link destinations).

Those might look real, but they are phishing scams. The links in the attack follow a common pattern that we've been seeing where the scammer has hacked into a web site and inserted a file in a new folder. The links look like this:

http://<domainname>.<tld>/<Eight random letters/digits>/index.html

Where <tld> is is a top-level domain, like ".com", ".net", etc.

For example: http://www.misjuegosonline.info/abCD1234/index.html

You can detect many phishing scams by hovering over the link in the email. The actual destination will appear at the bottom of your browser window. If it is not the actual web site, or looks something like the above, then it is probably a phishing scam. But don't even trust that. You can take a simple precaution to protect yourself.

Don't Be a Victim

In short, never click on a link in a email that is supposedly from your bank, credit card company, PayPal, etc. If you want to check your account, open a new browser window and and type the company's web address (like "chase.com") directly into it* .

Click here to watch our YouTube video that shows you how to avoid becoming a victim of phishing scams.

While you're there, you can also subscribe to our YouTube channel.


*This assumes your computer is not infected with a DNS Changer type of virus. To check if your computer is infected, go to "http://38.68.193.96". For languages other than U.S. English, go to FBI Rogue DNS Check first.