That link would then lead to a page made to look like a Web property of the bank in question. The user, having followed that link, would then be compelled to enter his of her username and password in order to access his or her account and create a new password. Of course, what is really happening is that the attacker is tricking that user into disclosing his or her online banking credentials (this is why banks warn against following such links in unsolicited emails and encourage that customers navigate directly to banking websites before logging in).<\/p>\n
So, if you ever become aware of a Phishing attack \u2013 whether it\u2019s targeting payment info, social networking credentials or anything else \u2013 what should you do? You actually have a lot of options, but, broadly speaking, you should follow these five steps:<\/p>\n
- \n
- DO NOT CLICK ON QUESTIONABLE LINKS;<\/li>\n
- Definitely forward the phishing email and link along to the company being imitated;<\/li>\n
- In some cases, you may want to contact law enforcement<\/li>\n
- It\u2019s also a decent idea to inform a government consumer protection agency or relevant tech firm;<\/li>\n
- And definitely delete offending message once you\u2019ve done all this.<\/li>\n<\/ol>\n
Let\u2019s say you encounter a PayPal-themed phishing campaign. You\u2019ll want to contact PayPal\u2019s dedicated fraud team. You can find their info simply by searching \u201cPayPal Report Phishing\u201d or \u201cPayPal fraud\u201d into your favorite search engine.<\/p>\n
![\"Reporting](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/102\/2014\/05\/06043555\/Reporting-Fraud-to-PayPal.png\")
<\/a><\/p>\nOnce you\u2019ve done that, you should follow whatever instructions they offer up. If it was a phishing email, you\u2019ll want to forward the email along to PayPal, then delete it. After that, the service recommends running through your transaction history to make sure everything is accurate. Similar actions can be taken under any number of similar circumstances. Gmail has a phishing reporting feature built directly into its graphical user interface. Most banks and merchants will have a feature for reporting phishing attacks as well.<\/p>\n
Depending on the severity of the situation, you may want to contact law enforcement, but we\u2019ll explore that more in the next section.<\/p>\n
The United States Computer Emergency Readiness Team (US-CERT) \u2013 the cyber-incident response division of the U.S. Department of Homeland Security \u2013 has a dedicated email address (phishing-report@us-cert.gov<\/a>) to which you are encouraged to send information about phishing attacks. Similarly, the Internal Revenue Service has its own thorough phishing and fraud page<\/a> \u2013 filled with information about how citizens should react to tax-related scams. These are U.S.-specific agencies, but if you were to search a bit, then you could easily find similar organizations in other countries. Beyond government agencies, tech firms like Google<\/a> and Microsoft<\/a> have easy-to-use pages offering information about phishing and fraud and letting users submit links to phishing websites.<\/p>\n
Billing Discrepancies<\/b><\/p>\n
Every single time I make an online purchase, I think about what happens if I just never get what I ordered. Or what recourse is available to me if I am overcharged. Of course, the proper course of action to follow in reaction to such an incident is going to vary, depending on who you are buying from and what kind of payment method you are using. That said, in general, the following three, broad steps are a good starting point for dealing with disputed or fraudulent transactions.<\/p>\n
- \n
- Contact the organization where the charges are coming from;<\/li>\n
- If that doesn\u2019t solve the problem, contact your bank;<\/li>\n
- In certain cases, you may need to contact law enforcement.<\/li>\n<\/ol>\n
If you\u2019re ever overcharged for something you bought, charged for goods or services you did not purchase, or charged for something you bought but which you never received, then you will want to begin by reaching out to the offending merchant. In the case of what appears to be a fraudulent charge where there is no legitimate merchant involved, you may want to reach out immediately to your bank or credit card provider to explain the disputed transaction.<\/p>\n
If the company that issued the charge is a is seemingly well-established merchant \u2013 like eBay or Amazon \u2013 then there is likely some sort of disputed transactions page or resolution center. Any reputable, online seller of goods and services should offer some way for customers and other users to dispute transactions, though I\u2019m sure in some cases you will have to do a bit of digging and maybe even call the company directly. If you are honest and patient, you should be able to resolve these disputes with most responsible merchants. In these cases, you may not even need to contact your bank or credit card provider.<\/p>\n
However, if it becomes clear that you are never going to receive whatever it is you ordered, you feel as if you have waited longer than appropriate, or something downright fraudulent is going on, then you should go ahead and reach out to your bank. Whatever bank holds your money, or whatever brand of credit card you use, that bank or credit card company is going to have a system for reporting fraudulent charges. Do an Internet search, navigate around your bank or credit card company\u2019s website, or even pick up the phone and call the customer service department there.<\/p>\n
In addition to that, on sites like eBay and Amazon, where individuals can sell goods directly to customers, you may find yourself victimized by a fraudulent seller that is not directly employed by the broader marketplace. In that case, you\u2019ll need to follow their specific instructions for handling fraudulent sellers, which Amazon and eBay definitely have in place.<\/p>\n
If it appears that outright fraudulent charges are being charged to your accounts (as in someone has ascertained your credit card number or eBay login credentials and is racking up charges), then you may need to contact law enforcement. You can find links to the proper, regional authorities (in the U.S. at least) here<\/a>. Again, if you\u2019re outside the U.S., run a search for \u201cconsumer fraud reporting,\u201d and I\u2019m sure you will find what you are looking for.<\/p>\n