Gone phishing: A bit of prevention, a byte of cure

Imagine you have served more than 20 years in the military, received numerous commendations, and have built up a level of trust with your peers. You have become everything you want to be—perhaps even a bit more—and met every challenge head on and with success.

Then, someone steals your identity. They use it for profit while leaving devastation in their wake. And they’re doing it under your name. It’s called “identity theft,” and it happens every day to individuals throughout the military and civilian communities.

For companies, “phishing” is similar to identity theft. The difference is that a phishing scam doesn’t seek to rip off a company, but instead uses the good reputation and name of a company to rip off consumers. These scams are dangerous, not always easy to identify, and even the most intelligent and cautious consumers can fall victim.

The way it works

Phishing is a way to get people to share vital information, usually financial in nature, and usually via e-mail. The trick is that the phisher uses a real logo, and the e-mail address appears as if it’s from a legitimate and well-known company. E-bay, PayPal, Amazon … all have had, and continue to have, their name used by phishers. Even the Better Business Bureau has had its brand stolen and used in phishing scams.

Why companies care

A company’s “brand” is more than just its logo. It includes position in the market (McDonalds or Wal-Mart), reputation (Rolex or Ferrari), or how a name became the standard for everything else (Kleenex or Post-It Note). Many companies spend a great deal of time building their brands, and some brands are, in and of themselves, valued in the billions of dollars.

When someone takes that brand and uses it illegally, it tarnishes the brand’s image and can decrease its value. It can also lead to higher prices for consumers due to legal action, tighter security for Web sites, or legitimate communications with customers to inform them of an ongoing scam.

Basically, phishing scams cost everyone money, not just their victims.

Protect yourself

The following are a few ways to protect yourself from phishing scams based upon recommendations from The Anti-Phishing Working Group (APWG), a group of individuals and companies that fight against online fraud.

  • The simple things—If you’ve never bought anything from a company—Ebay, for example—chances are you won’t be getting an e-mail from them. But if you have done business with the company and aren’t sure of the e-mail, look for incorrect spellings and poor-quality images often found in phishing schemes.
  • No rush—It is highly unlikely that any legitimate company will tell you, without prior warning, to contact them immediately; most will give you a few days. So beware of e-mail messages that request immediate action, since that could be an indication of a phishing scheme.
  • Protect your information—No company will ever ask for you social security number, account number, or password via e-mail or even over the phone; they will only do so from secure sites when online, and will only ask for a simple identifier over the phone (e.g. the last four digits of our social security number, not the whole thing).
  • Ignore the links—If you’re not sure about an e-mail, never click on a link it contains. It is possible to make one Web site address look like a different one. (For example, it may look like you are on www.yourbank.com, but in reality you are on www.phishersite.com.) Instead, either use a bookmark or type in the real site address.

You can find more information on this issue at www.antiphishing.org. And, one last piece of advice:

  • When all else fails—If you’re not sure what to do, just contact the company in question. Odds are they’ll help if it is a real problem, and you can notify them of the phishing scam if not.

Your help is needed

The easy thing to do is just delete any phishing e-mail you receive. Doing so, however, won’t make the problem go away, since no one else will know what you received, where it actually came from, and who is responsible. For this reason, it’s absolutely imperative that consumers report the phishing e-mails they receive, and it’s quite easy to do:

  • Mark it as spam—Most of the large providers (Yahoo!, Hotmail, etc.) have a button you can simply click to notify them the e-mail you received is spam. From there, the sender’s information is entered into a database that can help the e-mail provider stop similar ones in the future.
  • Notify your e-mail provider—If you have been absolutely overloaded by phishing e-mails, contact your e-mail provider directly and report the abusive messages.
  • Contact APWG—You can also send the message on to the Anti-Phishing Working Group using the guidelines on their Web site.

By reporting these messages, you help build up a database of offenders, provide valuable information that can stop new types of attacks, and save companies and consumers millions of dollars.

Remember, phishing scams affect everyone—military and civilian, rich and poor, young and old, company and customer. But by taking a few steps to protect yourself and reporting the messages you receive, you can make a difference and help put phishers out of business.


MilitaryConnection.com thanks you for your patronage. This web site is a portal of all things military, and we are quickly becoming the “go to” web site for all things military. We are constantly adding resources, content and features to benefit our audience. Our web site and all of the resources are free to users, and there is something for everyone. Additionally, we feature finance articles like this to keep you informed. If you belong to a group or organization, we will post your press releases, special events, newsletters, professional conferences and seminars, reunions, job fairs, and videos to help spread the word. One of the areas of our focus is connecting candidates from the military community with outstanding government and civilian employers. We know that candidates from the military community across the board have a work ethic second to none. They make highly valued employees. MilitaryConnection.com has a multitude of employment resources including a Directory of over 30,000 employers, Job Tips, Columns, our new and improved Job Board, Virtual Job Fair and much more. We understand the importance of education. Please check out our new Education section, featuring the most up to date information on the new GI Bill, Education Articles, Education Benefits, and the Scholarship Directory featuring thousands of scholarships. When the next tour is back home, it’s on MilitaryConnection.com.