What are Phishing emails?
Phishing emails are sent the intention of getting in innocent user to click on a link and enter their personal details on a website that looks like a legit website. The website that you are redirected to will look genuine by having the logo and branding look exactly like a company that you deal with. This webpage can look very convincing and may lead you to believe that the email is legit when it is not.
The scammers who create these webpages are able to use urgency tactics to bring about fear within users and forcing them into entering their personal information. We can tell you that we have encountered these scenarios on so many occasions and it is well knows that legit businesses will never ask their customers for personal information as they should already have your personal information available and not need you to fill your personal details out on an insecure webpage. We have come up with a few tips that will help you recognize a phishing email and prevent your personal information from being compromised.
What Are The Different Types Of Phishing Attacks?
Your business can avoid potentially become a victim of a phishing attack by understanding some of the most common phishing and the steps we recommend to prevent them. Guarding yourself against cyber attacks can give you personal peace of mind. By knowing some basic information with regards to Phishing attacks and and cyber crimes in general, you can focus on growing your company and spending your time and energy on the things that matter.
Email Phishing – Using phishing emails has become probably the most common way that attackers try to gain access to your personal information. This is due to the fact that nearly anybody now has access to an email account and many people are still unaware of phishing emails. These attackers are able to send out a huge number of emails at a time and a large percentage of people are not aware of phishing and are most probably going to open the email and assume that it is legit coming from a legit company.
Spear Phishing – Spear phishing is a more advanced and well researched approach as the attacker gains a considerable amount of background info on the company and users that they are trying to target. They then create an email that looks like it may have come from a family member, friend or a fellow employee appearing like a legit email. A less technological user will assume this email to be legit which makes them vulnerable resulting in them not even thinking before clicking the link within the email.
Social Phishing – With this method an online hacker or attacker will create a new social media profile that looks like a friend, family member, or work colleague and impersonate them into tricking you into thinking that their profile is genuine. They impersonate somebody you know which makes users vulnerable to collect personal online information from you. In Recent years most Social media platforms have been cracking down on security to prevent this from happening however we still advise you to be aware of who you chat to on social media.
How To Recognize Phishing Emails
Always ensure that you have checked the following warning signs before clicking on any link in the email:
- Usually if an emails ends up in the spam folder or advertising folder if you are using Gmail, this is a huge red flag already that the email is not trustworthy and you should not go anywhere near that email.
- Always check where the email was sent from. If the address used looks similar but not quite the original address of a company then this can be considered a warning sign. Another red flag is if they are using generic free email providers like Yahoo or Gmail. A serious company would most likely not be using a free email provider as this can seem unprofessional.
- Generic greetings such as “Hi there”, “Dear Customer”, would most probably be used as they don’t recognize exactly who they are sending the email to.
- These emails will have urgency in the subject line that will try and get you to open up the email. They will use word such as “fix this now!” or “Action required immediately” to force you into opening the email.
- The email is not written very professionally and filled with spelling, grammatical and punctuation errors.
- The link that you click on leads you to a website that does not the text in the URL and instead redirects you to a bunch of fake sites.
- These emails will also contain attachments that they will try to get you to open and download to your computer. Don’t open up any attachments unless you are sure that you are expecting it from a trustworthy source.
- They don’t provide any contact details. They usually would never provide you with a phone number and that is a huge giveaway that it could be a scam.
How To Prevent Becoming A Victim Of Phishing Emails
- Don’t click on any links unless you are completely sure about the source of the email. To ensure that you are going to site claimed, hover your mouse over the link and a little pop up box will indicate the destination of the link. If destination of the link of the link itself looks untrustworthy then don’t click on it.
- Don’t ever download attachments from emails with addresses that you are unaware of as these attachments could be a virus, spyware or any form of malware that can take over your computer and cause data loss. Your information could also be compromised and personal information of yours could be stolen.
- We recommend that you use filters within your mailbox to neatly organize your email and use them to flag unknown addresses and spammy looking emails.
- A golden rule for everybody to follow is to never ever give out your personal information as stated earlier that if you had a friend, family member or an organization that work with you, they most likely would not require your personal information and would have it already. A bank for example would not ask for your credit card number as they would have this information already. Install a plugin on your preferred browser that will detect and alert you about phishing sites. Make sure that the plugin that you are using has good reviews.
- Use a plugin on your browser that will detect and and alert you if the site you are visiting is a phishing site. Make sure to check out the ratings of the plugin first before installing.
- Ensure that the website you are visiting is SSL secured. You can check this by looking at the top left of your browser at the beginning of the search bar, if there is a green padlock then this means that the site and encrypted which means that your information cannot be seen. If however there is not padlock on this site then you should never enter your information on it as it is most likely phishing scam.
- Use 2 factor authentication within your accounts which adds another layer of security and makes it much more difficult for hackers to gain access to your information.
- Report Phishing Emails. If you suspect a website to be fraudulent, report it immediately to your email provider’s spam team.
- Try and keep those that you are in contact with alert about phishing emails and give them a basic lectures on what phishing is as they can also become a victim of this.