Phishing scams are cleverly disguised communications through which scammers attempt to get your account login credentials. These scams most commonly show up in the form of email messages, but may also appear through instant messages, text messages, and even in phone calls.
These phishing messages are designed to appear as though they were sent by a legitimate company. In email phishing, scammers will usually forge the From email address to make it appear to be from the company or person it is pretending to be. They will also use logos and graphics from the legitimate company’s web site and create an email which looks similar or identical to actual messages the company might send.
The links contained within an email phishing message usually lead the recipient to a false website. These false sites are usually identical or very similar to the site to which the recipient thinks they are traveling. Once the recipient has “logged in,” however, the site owner (scammer/phisher) has and can use the recipient’s login information. Sometimes these sites will contain additional fields to be completed and often request that the victim update their banking, payment, or other sensitive information.
Perhaps most importantly, these scam messages, regardless of how they are delivered, are written in a way to trick the recipient into immediate action by using urgent or threatening language. Almost all of these phishing messages indicate to the recipient that his or her account will be shut off if he or she does not comply with the requested action in the message. Most companies will not contact you through email, instant message, or text message for urgent account updates. CareerBuilder will not send you an email requiring any updates to your account or threatening to close the account if you don’t take a particular action.
More recently, email phishing messages have included additional threats to the recipient by not only tricking him or her into providing login and other sensitive information, but also into downloading malware onto the recipient’s computer system. This malware, usually a Trojan horse program or even a mix of programs, can often sit on the recipient’s computer to capture data from the hard drive and track the user’s keystrokes.
If you receive an email that you suspect might be a phishing attempt, don’t click on the URL within the message! Please be sure to check the destination URL on the link contained within BEFORE attempting to login or submit any information. By simply hovering your mouse pointer over the URL, many email applications will display information on where the URL actually takes you. You can also “view source” or “show original” message in many application based and online email viewers.
When in doubt, contact a trusted source at the company, such as calling their Customer Service department, to verify what communications have come from them. It is also recommended to hand type the known URL of the company into the web browser before logging in instead of clicking on any links sent to you within messages purporting to be from the company.
If the email in question appears to be from Careerbuilder, contact CareerBuilder’s Trust and Site Security team to verify if the email is legitimate before performing any actions.