Phishing Emails
Wednesday 22/04/2020
Phishing is the act of sending an e-mail to a user falsely claiming to be from a genuine and legitimate source in an attempt to trick the user into providing private information for identity theft or financial gain.
With the number of phishing attempts increasing by 65% in the last year (source: retruster.com), the methods of gaining information have become far more sophisticated and the lines between genuine and fraudulent have become more seemingly blurred.
Because of this, the most effective method against being caught with one of these bogus emails is user awareness!
Here are some simple steps you can take in order to spot a phishing email:
Don’t trust the display name
Ensure that you check the email address of the sender. Hackers attempt to impersonate a legitimate company or person by altering the sender’s display name.
Double check the email address
Hackers need you to act on their email and the easiest way of doing this is to trick you into believing the email has come from a reputable source. If they contain any extra domain name padding, it’s likely a scam! Example: heyyou@clickherenow.paypal.com
Check the link before clicking
In many scenarios’ hackers want you to click on their links which will navigate you to a malicious site which will look almost identical to the establishment they are impersonating. Once there the hackers are hoping you will part with your personal information or money.
Two methods to avoid making this mistake is to browse directly to the organisation’s website and contact them in a manner you are confident is secure. Secondly, is hovering your mouse cursor over the hyperlinked text in order to reveal the destination URL. If the link doesn’t look legitimate, congratulations, you have just avoided a scam email (just remember not to click on the link by accident).
Spelling and Grammar
Legitimate businesses tend to care about their spelling and punctuation when communicating with their clientele. If the email is rigged with grammatical errors, it could be an identifier for fraudulent activity.
What are they actually asking for?
Many emails pretend to be from an authoritative source, often prompting the user with a sense of urgency. If an email is directly asking for sensitive information or even worse, money; you can bet your bottom dollar it’s a phishing email. After all, that’s exactly the information hackers want and legitimate businesses never usually operate in that fashion.
Even with the most secure systems known to man, unfortunately it only takes one untrained user or a lapse in concentration to give away highly sensitive data or provide a hacker access to your system. According to Verizon’s 2018 Data Breach Investigations, 30% of phishing emails are opened by targeted users therefore, follow the above steps and avoid the next email scam!