What You Should Know About Email Fraud
Spam is unsolicited email.
Phishing is a type of spam that is fraudulent.
Phishing messages often advertise products, services, or websites and may be used as a means of defrauding consumers by soliciting sensitive and valuable personal information, such as usernames, passwords, social insurance numbers etc. In many cases these phishing schemes lead consumers to believe that they are responding to a legitimate request from a well known institution that is requesting that the consumer update their personal information.
To report fraudulent email click here.
Phishing schemes use sophisticated techniques to disguise the origin of spam emails and of fictitious websites, making it hard for the consumer to detect that they are fraudulent.
Often these criminals exploit the Uniform Resource Locator (URL) "user authentication" syntax feature supported by some Internet browsers to cleverly disguise the fictitious website as an authentic site. Doing so deceives the consumer because the fictitious website's URL, which is displayed in the Internet browser's address bar, matches that of a genuine website.
In some phishing instances, criminals will request that the consumer download and install "security" software which is attached to the spam email. If the consumer installs the software, the criminals can monitor the victim's computer and capture information such as bank, email and computer account details. The use of this mechanism, though low in relation to other mechanisms, has recently shown an increasing trend. In addition, these criminals can "take over" unsecured computers and servers using them to route spam email to conceal the real email source, as well as for launching spam e-mail distribution; all without the victim's knowledge.
How You Can Help Control Email Fraud
While Tbaytel currently has spam filtering in place on its email servers, it is difficult to identify these phishing emails due to the sophisticated techniques used in the email messages.
With your assistance, Tbaytel can work to limit the number of fraudulent emails sent to Tbaytel Internet subscribers.
To report the fraudulent email you received and help Tbaytel track the cyber-criminals, please forward the email to firstname.lastname@example.org.
Here are some steps to assist you in forwarding these fraudulent emails to Tbaytel:
- Open the fraudulent email.
- Once the fraudulent email is open click "Forward" and then type email@example.com in the "To" field.
- Once completed, choose 'Send' in your email application to send the information to Tbaytel.
A Typical Phishing Scenario:
- A spam email is sent to numerous consumers. The email identifies itself to be from a familiar institution, such as Tbaytel, and will typically persuade the consumer to connect to a website or respond to an email in order for the consumer's personal information to be updated. The common claim in the email is that this update is required for "security" or "technical" reasons, in order to keep the consumer's accounts active.
- Some of the email recipients believe the email to be from a trusted source and follow the instructions provided in the email. Usually a link is provided in the email, which when selected, directs the recipients to an official looking but fictitious website. This fictitious website is designed to look like the legitimate company's website and will even include the company's logo. An area on this fictitious website will request the entry of sensitive and private consumer information such as:
- Usernames & Passwords - for emails or computer logins
- Identity Information – such as name, address, SIN, credit card numbers
- These users are providing their information to criminals. These criminals are committing email fraud with the intention of gaining access to consumer emails, computer files, or secure information such as banking information. Usually the criminals will act on the information they have been provided within a short time frame, before it is even detected by the consumer.