Update Payment Method Scam

We have all experienced a realistic-looking and fear-inducing email from a service provider that warns us of a cancelled or suspended account due to an error stating something like "We couldn't process your payment". There is often a button or link that invites us to Click Here to update your account or Update Payment Method to reactivate your account. If you do have a subscription-based account with the provider you may easily be fooled into following the instructions to update those details by clicking the link or button.

Typically the email comes from a noreply-account or an email that differs from the provider's typical account. The display name may appear to be from your provider, but the sender's email will be from a totally different account. It may even contain suspicious looking additional addresses mixed in with a legitimate provider address or may be entirely unrelated to the actual real provider. This type of official looking email is easy to fake but also easy to spot.

Below is an example of what such an email header may look like.

The tell-tale sign that this is an fraudulent phishing attempt is apparent in several hidden codes within any clickable links or buttons contained within the email. DO NOT CLICK them!

If you simply hover your mouse over any clickable item in an email or on a website (without clicking on it!) you will reveal the hidden coded link that the item really points to. I call this the "hoverboard technique" so it is easy to remember.

In the video, you will notice in this real example that the Update Payment Method button actually points to https://wix-login.ooakstyling.dk/re/?login-id=d41d8cd98f00b20&user=00b204e9800998ecf8427e and NOT to Wix.com. This is all the proof you need to realize that this is a clear phishing attempt. Clicking on such items will, at the very least, verify to the scammers the legitimacy of the underlying email address that it was sent to, but it could also launch malicious code or take you to a mirrored site that is designed to steal your information (login and payment credentials) and gain control of your account or your money.

Second, if you hover over other blue or clickable links, you will see if those point to a legitimate destination or, as in this example, there are no destinations, then you will know that this was a scam email that was not even created with a lot of effort. It simply hoped to capture lazy users who don't bother to check such details.

Scammers succeed with these types of emails because they know most people just look for the action items without paying attention to the details.

Hopefully this "hoverboard technique" will help save you from falling victim to such phishing attacks in the future. Identity theft is the #1 fastest growing crime in the world today. If you don't take careful steps to protect yourself from electronic theft attempts, scammers could cause you massive damage to your credit and even cause a bankruptcy.

To learn how to protect yourself from Identity theft, visit our dedicated discussion page on our website at www.defend.thewealthcoaches.com.


If you have an experience with this or similar type of scam, we'd love you to share in the comments below. Keep it clean but be specific in the details so other students can benefit from your story. If it is really good, perhaps we'll turn it into a separate lecture in your honor!

Discussion

0 comments