Recently a friend shared a post on Facebook that said Best Buy was offering 50{463c70c279fb908728b910a090d44fbe4ae7aabcd875de9c1a518a8c8e2be8bd} to anyone who registered for any of their products in store or online. Unfortunately it was a phishing scam, this is when someone creates a fake site and makes it look like a legit one. Here is some advice for you to help to identify them and keep you safe hopefully.
To Good To Be True
50{463c70c279fb908728b910a090d44fbe4ae7aabcd875de9c1a518a8c8e2be8bd} to anyone and off of everything was my first red flag, anytime you see something that seems to be too good to be true, you can almost certainly bet that it is. Like that relative from Africa that passed and the lawyers are trying to find you to settle their estateā¦
Personal Information
If they request any personal information, urgently require you to log in and provide you a link for you to do so, means an alarm should be going off. They’ll try to make you feel intimidated and create a case of urgency so that you get flustered don’t have time to think and jump for the bait. If you’re ever uncertain contact the company directly by searching for their information from the web, not using the info provided in the email or following the link.
Incorrect Grammar or Spelling
A lot of times you’ll be able to tell they are fake right off the bat, like if you live in Canada for example and the IRS is sending you a statement regarding your taxes. That one was painfully obvious but sometimes you need to look deeper at the body of the content or at what’s written. Actual companies tend to make sure that their emails are well written unlike most of the scammers out there that come from different countries and might not understand the differences in language.
IP Address
Every computer connected to the internet has its own address, this is called an IP address. An IP address consists of 4 sets of numbers known as octets, they are separated by periods. Each one ranging from 0-255, so an IP address would look something like this 192.168.0.220.
Emails that you receive contain the IP address from the sender, this information tends to be hidden. You can view it though, simply find out how you can view email source information for the type of email program or website you are using by searching online.
Once you’ve obtained the IP address you can do an “IP reputation lookup” and see if the address has a bad reputation or a good one. This might not necessarily point out a bad IP address because it could take some time before it becomes flagged especially if they just obtained a fresh address with a good reputation or even faked the address altogether which can be done as well.
Reading URL’s
Reading URL’s, the website’s address can be tricky, there are many ways these scammers try to disguise them today.
The first thing you need to do is copy the entire address and paste it into a word editor so that you can see the entire address, allot of times useful information is cut off inside of the address bar because the text of the address flows beyond the textbox.
This is where things get a bit tricky until you understand it better. The first thing you’ll want to locate is the domain extension, which is followed by a period followed by an extension like .ca, .com, .xyz and many, many more. You’ll want to find the last reference to an extension, the right most one. Usually scammers will try to prefix something to a domain because that part is read from right to left, so something like “best-buy.com.b.xyz” is not the domain of “best-buy.com” but is “b.xyz” and they just added the best-buy part to throw you off.
Addresses are also read left to right as well when we start looking at pages or subfolders that belong to that site which come after the domain extension. So you might see something like this “best-buy.com.b.xyz/discounts/50percentoff.asp?x=xyz&p=discount&d=save”. Here the “.asp” is a file name and not a domain extension, this is why things can become confusing especially for the person that doesn’t know much about URL’s, how the web works or computers. The question mark “?” lets us know that everything after are variables usually used in dynamic pages. Basically they’re telling the web server that there are variables like x, p and d which are separated by the “&”, the “=” so when it says “x=xyz” this means the programmer is using a variable “x” which will have the value of “xyz” assigned to it. There are tools that allow developers to write this slightly differently so you could see them like this instead “best-buy.com.b.xyz/discounts/50percentoff.asp/x/xyz/p/discount/d/save” which makes it more search engine friendly but can confuse a novice user completely if they are trying to figure out the URL.
To simplify things if you’re looking at an address where you see a legit domain name like “best-buy.com”, keep reading to the right and see if you see any other extensions (a period followed by a couple of characters), if they come before the slash “/” then chances are they are domain extensions if they are after the “/” it could be page extensions.
If you ever question the link, contact the company or if it’s nothing important or sounds too good to be true don’t even bother, it’s probably not worth the troubleā¦