Dodging the Hooks: Guarding Against Email and Text Phishing Scams

Posted byAllan MangunePosted inCybersecurity, Life Long LearningTags:, , , ,

Hey there! Let’s talk about something that’s been buzzing around a lot these days: phishing scams. You’ve probably heard about it, maybe in the news, a friend’s story, or perhaps, unfortunately, through your own experience. Scammers are getting crafty, sending fake messages pretending to be from reliable sources like the Canada Revenue Agency (CRA), and it’s getting tricky to tell the real from the rip-off. So, let’s break down some solid ways to protect ourselves from these phishing hooks that come through emails and texts.

Understanding Phishing: The Basics

Phishing is like fishing, but instead of looking for a good catch of fish, scammers are fishing for your personal info. They’ll send you an email or text that looks pretty convincing, claiming to be from someone you trust—banks, government agencies, even your workplace. The goal? To trick you into giving away your personal details like passwords, Social Insurance Numbers, or banking information.

Email Phishing: Sorting the Real from the Fake

When an email plops into your inbox claiming you owe money to the CRA or that you’re getting a refund, take a pause. The CRA’s got a pretty strict way of doing things, and they won’t ask for personal info through email. Here are some things to keep an eye on:

  • Check the sender’s email address: It might look legit at first glance, but often, if you hover over the sender’s name (without clicking!), you’ll see a weird email that doesn’t match the organization they’re pretending to be.
  • Spelling and grammar: Official emails from the CRA or any professional organization are polished. If you spot typos or incorrect grammar, it’s a red flag.
  • Urgency and threats: Scammers love to make you panic, saying you’ll get fined or arrested if you don’t act fast. The CRA doesn’t operate like a bully; they have processes and won’t threaten you out of the blue.

Links and attachments: Never click links or download attachments from emails you did not anticipate.

  •  These can lead to fake websites or download harmful software onto your device.

Text Message Phishing: Keep a Skeptical Eye

Text scams, or ‘smishing’, work a lot like email phishing. You’ll get a text from a number claiming there’s a problem or a benefit awaiting you, with a link asking you to verify your information. Remember:

  • The CRA won’t send you a link via text. That’s just not how they roll. They do send texts sometimes, but never with links.
  • Shortened URLs: If you see a shortened link, that’s a classic smishing move. Legit organizations usually have no reason to hide their web addresses.

Protecting Yourself: The Anti-Phishing Game Plan

  • Personal information is personal. Just don’t share it unless you’re 100% sure of who you’re sharing it with and why they need it.
  • Verify independently: If an email or text makes you anxious or excited about money, take a breath. Call the CRA or the organization directly using a number you find on their official website, not the one in the suspicious message.
  • Update and protect: Keep your devices updated with the latest security. Use strong, unique passwords for your accounts, and consider using a password manager.
  • Stay informed: The CRA and other organizations often post alerts about known scams. Keeping up with these can give you a heads-up on what to look out for.

Conclusion: You’ve Got the Power

Phishing scams can be a bit scary, but knowledge is power. Now that you know what to watch for and how to handle suspicious messages, you’re way ahead of the scammers. Keep your wits about you, and remember, when in doubt, check it out – directly with the source. Stay safe out there, and let’s keep our personal info just that – personal.

Published by Allan Mangune

I hold the esteemed qualification of a Certified Public Accountant and have earned a Master's degree in Science with a specialization in Computer Information Systems. Since entering the realm of software development in 2000, my focus has been on adopting secure coding practices, an endeavour I have intensified after receiving my Certified Ethical Hacker v5 certification in 2008. My professional journey includes guiding clients through their digital transformation journey, particularly emphasizing digital security issues. For more than ten years, I have provided Agile Project Management training to well-known companies. I am a Certified ScrumMaster and have completed the Prince2 Agile Foundation certification. I had the privilege of being recognized as a Microsoft MVP for ASP.NET for ten consecutive years. Previously, I also served as a Microsoft Certified Trainer. As a hobby, I enjoy assembling personal unmanned aerial vehicles during my downtime.

Leave a comment