spotting bad links
A Recent Phishing Attempt Example
June 2, 2022
Phishing and other forms of online fraud are becoming more and more prevalent in daily life. Recently,
one of our very own members came across a phishing attempt that almost cost a sizeable amount of money.
The member received an email from someone (a fraudster) posing as a representative for their investment
company. There were some bad links in the email that could have either downloaded a malicious software
onto the member’s computer or tracked their data online. The fraudster was able to steal the member’s
login information for digital banking and almost manipulated the member into transferring out thousands
of dollars. Luckily, this was discovered and blocked.
This member was very fortunate that the fraud was caught. Others are not so lucky. It’s important to
know what to look for in an email to avoid these types of attacks in the future.
Here are some tips for avoiding bad links:
Hover over a link without clicking it. If you hover your mouse over a link without
clicking, you’ll see what link the email actually will send you to. In a phishing attempt, the link
could be a page with malicious software or even could capture your login information. For example, let’s
say someone sends you a link to mwafcu.org. When
you hover over this sample, you’ll notice it’s actually sending you to another page (one of our blog
posts) not the main page of our website as it suggests.
Check the sender. Is the sender someone you know? Make sure their email address
matches what you have saved for them. Again, actually check the exact email address it came from. Look
for suspicious email extensions. If a business is emailing you, they’ll most likely have an official
domain email address, not a gmail, Hotmail, or yahoo address. Also, remember that they can make their
email address display any name they want. Perhaps it says “PayPal Service” but when you expand the
information to see the email address, it may say “[email protected]” or even “pa[email protected]”
instead. That’s a red flag.
Do not open attachments. If you get an email from someone you don’t know, opening an
attachment could download a virus on your computer.
When in doubt, do not click on any links in an email – even if it looks like it’s coming from a
business you know. Fraudsters can easily copy email formats from reputable businesses and
make their emails look legitimate. Instead of clicking a link in an email, just bookmark your favorite
pages ahead of time and go directly to the link itself through your bookmarks.
Set alerts for suspicious activity in digital banking. You can set up text and email
alerts in digital banking to inform you whenever there is a login or a change to important information
like your contact info, login credentials, or password. You can also set alerts for large transactions.
If you think your account has been compromised, change your passwords. Change your
email password. Change your digital banking username and password. Change any password you may have
possibly given to the fraudsters.
Seek help from a professional for malicious software. If you think there may be a
virus or malware on your computer, take your computer to a professional. They’ll make sure the software
is disarmed and your computer is safe again.
It is important to remain alert and use these tips to look out for bad links and phishing emails. Using
these tips could help protect you and your family from hackers and fraud. Additionally, you can also
protect yourself from identity theft with Ultimate ID. MidWest America Federal Credit Union offers
Ultimate ID for just $5 per month, which helps to protect you and your household should your identity be
stolen. Find out more here.