Contact information

PO Box 858 Firestone, CO 80520

Hours: 9 - 5 M-F
   

by Bob Hasenhundl

technology

“Phishing”‭ ‬is the industry term for a method used by scammers to try to get your credit card information‭, ‬and they usually arrive by email‭. ‬Phishing emails typically employ scare tactics‭, ‬with a message along the lines of‭: ‬“RE‭: ‬Autopay Failure‭! ‬‮–‬‭ ‬Automatic Renewal Subscription Failure‭. ‬Document Number‭: ‬93582059m‭.‬”

You may have seen emails similar to this in your inbox‭. (‬If you haven’t‭, ‬you’re lucky‭!) ‬That was the subject of a recent phishing attempt I received from‭ ‬“Netflix‭.‬”

Here are a few things you can look for to help determine if these emails are legitimate‭:‬

1‭.   ‬Is your email address the only address in the‭ ‬“To‭:‬”‭ ‬line of the email‭?‬

Phishing emails are often sent to many email addresses at once‭; ‬sometimes those email addresses appear in the‭ ‬“To‭:‬”‭ ‬or‭ ‬“Cc”‭ ‬line‭, ‬but usually‭, ‬they are‭ ‬“Bcc’d”‭ (‬Blind Carbon Copied‭), ‬so you won’t see them‭ (‬or yours‭), ‬and instead‭, ‬the‭ ‬“To‭:‬”‭ ‬address will be some made-up email account‭ (‬e.g‭. ‬protect.server@mailnetflix.net‭) ‬

2‭.‬ Does the email subject begin with‭ ‬“Re‭:‬”‭?‬

The‭ ‬“Re‭:‬”‭ ‬prefix the industry standard for a reply‭, ‬as in‭ ‬“this email is a reply to one that you sent”‭. ‬If the subject doesn’t look familiar to you‭, ‬there’s a good chance it’s a phishing attempt‭. ‬

3‭.‬ Does your name appear in the body of the email‭?‬

Phishing emails may not be addressed to anybody at all‭, ‬or they might be addressed to‭ ‬“Dear Customer”‭ ‬‮–‬‭ ‬both of these are a good indicator that it’s a phishing attempt‭.‬

Phishing emails may sometimes be addressed to your email address‭ (‬and if your email address includes your first and/or last name‭, ‬it can be a little misleading‭), ‬but take a close look to make sure it’s your name‭, ‬and not just your email address‭.‬

Any company you do business with should have your first and last name‭, ‬and they should address you by one or both of them‭. ‬There‭ ‬are exceptions to this rule‭, ‬and the email should have already passed tests‭ #‬1‭ ‬&‭ ‬2‭.‬

4‭.‬ Does your payment information appear in the body of the email‭?‬

If they have your credit card on file‭, ‬they may show you the last 4‭ ‬digits of it‭. ‬If the email does contain the last 4‭ ‬digits of‭ ‬your credit card‭, ‬it is most likely a legitimate email‭. ‬

I received one recently that showed‭: ‬VISA‭ ‬‭**** **** **** ****,‬‭ ‬and since it had already failed all of the previous tests‭, ‬I knew it was a phishing attempt‭, ‬but this was the first time I had‭ ‬seen that‭. ‬Sneaky‭!‬

5‭.‬ Is the email really from the company it’s claiming to be from‭? ‬

The sender’s name may appear to be legitimate‭ (‬e.g‭. ‬“Netflix”‭ ‬or support@netflix.com‭), ‬but the sender’s name is easy to spoof with any email address‭. ‬If you examine the sender’s email address closely‭, ‬it’s usually something like sbceq-cnemalgqgoauml1557309@tkeieie.com‭. ‬To examine the sender’s email address‭, ‬on your mobile device‭, ‬tap on the sender’s name once or twice‭; ‬or open the email on your computer to see the address expanded beside the name‭.‬

6‭.‬ Are you being asked to open a document to read the details of the message‭?‬

DO NOT open the attachment‭. ‬

This is almost guaranteed to be a Phishing email‭, ‬and/or an attempt at installing a virus on your computer‭ (‬which might be after‭ ‬your credit card/account info as well‭).‬

7‭.‬ Do the links take you to the website they claim you’re going to‭?‬

WARNING‭: ‬Clicking a link in a Phishing email isn’t necessarily bad‭, ‬but it may lead to more emails‭, ‬as it might confirm your address with the spammer‭. ‬If you click a link in a Phishing email and then enter your information‭, ‬you may be giving away your credit card information to a scammer‭!‬

Clicking on the links is the last resort‭, ‬which I don’t recommend unless you’re comfortable enough with the internet to know the difference between domains and subdomains‮…‬‭ ‬with that said‭, ‬using the Netflix‭ ‬example‭:‬

The URL should begin with https‭://… ‬The‭ ‬“s”‭ ‬is very important‭; ‬it signifies a Secure connection‭ (‬credit card transactions should never be made over an unsecured connection‭).‬

What follows the https‭://, ‬and comes before the next‭ ‬“‭/‬”‭ ‬is very important‭ ‬‮–‬‭ ‬it should only be www.netflix.com‭, ‬e.g‭. ‬https‭://‬www.netflix.com‭/. ‬One trick I’ve seen employed is where they create a subdomain that matches the website you’re expecting‭, ‬but that just prefixes the name of the actual domain‭, ‬e.g‭. ‬https‭://‬www.netflix.com.someothercompany.com‭/, ‬so at first glance to the unsuspecting eye‭, ‬it looks legitimate‭, ‬but further analysis reveals it’s not‭.‬

More often than not‭, ‬the URL will be of a website they managed to hack and insert some code that looks like the login page of the company they’re trying to spoof‭.‬

On most mobile phones‭, ‬if you long-press a link in an email‭, ‬the phone will pop up the domain name and URL so you can examine them and check their legitimacy‭.‬

If you’re still not sure‭, ‬visit the website directly‭ (‬do not use a link in the email‭) ‬and either log in to your account and check for a‭ ‬notification message there‭, ‬or contact customer support via telephone‭.

Bob is an IT professional at University of Colorado with over 30‭ ‬years of technical experience‭. ‬He lives in Firestone with his wife‭, ‬three dogs‭, ‬and cat‭.‬