You might think you're too smart to fall for "phishes," but are you?
Phishing scams try to lure you by mimicking real emails from big companies. But clicking on a phish is a big mistake. Then they'll try to install malware on your computer and maybe steal your bank account, even your identity.
"There's a lot of people still coming online for the first time, whether it's grandma or kids," said Stephen Cobb, a researcher at the ESET security software company. "One of biggest mistakes is the assumption that people know more about problem than they do."
Even experienced computer users sometime drop their guard if the email comes from a company they've recently done business with, Cobb added. And in a technique called "spear phishing," phishers are targeting people who work at specific companies, even specific individuals, said TODAY Financial Editor Jean Chatzky.
"If you're on vacation in a particular place, a scammer might send you a traffic ticket from that place," said Chatzky. "You believe it, because you were there, but in the process give out your driver’s license and bank or credit card number."
So what else happens after the click? It could just be simple "click fraud." Some scammers make money by tricking you into visiting a page of unwanted ads.
But they might download an "exploit kit" of 20 different techniques to break into your computer and control it, even making it send more phishes to attack more computers. Or they could try to imitate a banking login page so you unwittingly hand over the password to your entire life savings.
To test your mettle, we partnered with ESET to put together a fun quiz using a mix of real emails from companies and phishers.
Can you get 100% right and unlock the "Super Trawler" accomplishment, or are you just "chum" for the sharks?
Please send feedback on this quiz to firstname.lastname@example.org.