If you've checked your email lately, there's a good chance you've received one of those phishing scams. You know the emails, the ones claiming to be from a legitimate company and tell you to click a link to fix a problem that doesn't exist.
Those emails can be quite convincing, they use the company's logo, and usually some scary message that something is wrong with your account. The crooks have one goal, to get you to click a link. If you do, your computer could be attacked with a virus or cyber thieves could steal your personal information. You may not know it, but there's another tool on the web to help you fight back.
Anti-phishing.org is a place where you can report these fake emails. The goal of the Anti-Phishing Work Group is simple; to educate and protect consumers and spread the word about these attacks.
The people behind the website say it's a work in progress but the good guys are gaining ground. We talked to Peter Cassidy, the sites Secretary General. "The reason the behavior of the bad guys is changing is because the good guys, industry, and the government, are figuring out ways to make their lives more difficult and more expensive," he says.
Here's how it works: just forward the suspicious messages to email@example.com. If workers determine it is indeed a fake, the company sends out alerts to all of its members, which include major corporations. Those companies then alert customers. "If you are running a non-profit or a big business, or medium sized business or a home business, you have to know you are now two targets. You are a target as a consumer and you are a target as an officer of a corporation," Cassidy explains.
APWG is also co-founder of a site called Stop. Think. Connect.Org. It's another site educating consumers about cyber crimes."Impulse control is key. You need to not say okay all the time. You need to think about what you are clicking on. You need to consider the dangers of being led places on the web through links and messages," he says. APWG receives about 60 to 70 thousand reports a month. Your involvement is key. If you think you're the victim of a phishing scam, don't just delete it, report it. "Every report we get is important. You can be the first indication, the first signal, the first scout that there is an attack underway that's endangering people," Cassidy says.