How to Spot a Phishing Attempt



These days, fishing doesn’t just mean going after bass or perch with a baited hook. There’s a new and sinister form of fishing in town: It’s called “phishing” and involves unscrupulous actors fraudulently obtaining consumers’ sensitive identity and credit card information. As a business owner, you need to know how it works and how to spot it before this practice does damage to you and your customers.

What Are Email Phishing Scams?

Email has become a huge part of our lives. Over the years, we have become smarter at recognizing and immediately deleting junk or spam messages. However, savvy criminals always remain one step ahead. These days, they can craft messages so polished that they look like they originated from trusted vendors that we frequently do business with, including banks and credit card companies.

All it takes is one slip when a customer mistakes a fake message for the real thing. In an instant, their credit card and identity information can fall into the wrong hands, opening the door to fraudulent buying that empties out their account and hurts the merchants involved in the transaction on their stationary or wireless credit card terminal.

How to Spot an Email Phishing Campaign

There are several red flags that can help you and your customers to detect phishing:

• A request for confidential information via email or text message
• Urgent, time-sensitive demands to respond
• Misspelled words or unfamiliar domain names
• Links in the body of the message
• Failure to personalize the message or to provide partial account information such as the last four digits

Encourage your customers to contact law enforcement if they have good reason to suspect phishing. If you believe your business is being fraudulently represented in this way, get in touch with local authorities as well as your merchant account payment processing provider.

What Are Online Credit Card Phishing Scams?

In the past, the internet was often a dangerous place to make a purchase. Fortunately, recent security enhancements including seals from companies such as VeriSign, lock emblems, and an “https” heading in the internet browser provide evidence that the website is safe and the data the customer furnishes will be encrypted. Because of these online security enhancements, it is now more likely that customers’ personal data and credit card information will be stolen at the point of sale than online.

For that reason, merchants like you need to be vigilant about safeguarding your workplace against credit card fraud. That means paying careful attention to the following:

• Install high-quality antivirus and anti-malware software.
• Be suspicious of emails requesting that you update or verify your account.
• Limit the access your staff has to company email.
• Encourage staff to report anything suspicious without clicking on any links.
• If you know that your business or customer data have been compromised by a phishing scam, alert customers via all possible channels.
• Set up a dedicated email address where customers can forward false messages allegedly coming from your company.
• Publish a complete list on your website of all email addresses and domains from which you will legitimately send email.

Sadly, phishing scams are an unpleasant reality that will probably be with us for the long term. Your best defense against them is to plan ahead and arm yourself and your customers with information.