Phishing Emails
Phishing emails, which often arrive as spam or junk mail, are fraudulent emails that malicious people send you to retrieve your personal data. How do you stop them?
What Is Phishing?
Phishing is a form of cyber attack that uses fake emails. The goal is to trick people into thinking the email concerns something they want or need to resolve: a malfunctioning account, a bank request, etc. It’s called “phishing”, pronounced “fish”, by analogy with throwing out bait (in this case the email) and hoping the fish (any recipient of the email) eventually bites (believes the email and clicks on a link). The attackers are mostly looking to get personal info or account login info.
Recognizing Phishing
The first step is to recognize that the email is fake, so you can take the right precautions. Here are key things you should look out for:
1. The Email Address
Scammers often try to pass as a company you know, use and trust, such as a bank or a social media site, in order to get your personal info. The email itself might look like it comes from that company, with the logo and header, but they cannot replicate the official email of that company. If you check the name and it looks like it isn’t from the company, you can immediately tell it is a scam. If it still looks legitimate, you can check the company’s website and see if the email address is listed.
2. The Link
Those emails often include a link that you have to click, or an attachment you have to open or download. To lure you in, they might say they have detected suspicious log-in activity, or that there’s a problem with your account or payment info that you need to confirm. When in doubt, don’t click on it.
3. Spelling
Spelling is a BIG indicator of a scam. They will sometimes add an extra letter or misspell the company name in the email, the header or even the link. Look out for those errors, which indicate that this is not the actual company (e.g. Netxflix for Netflix).
Other things to look out for are less conclusive. One is the greeting: companies where you are a customer will often greet you by name, so if the greeting looks generic (“Hey dear”, “Hello”) it might be a mass-sent email. Redirections are also a sign: the link might lead to a totally different website. You can check this by hovering over the text or button, which will show you the exact URL you are being redirected to.
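The sender and link checks described above can also be automated. The following is an added example, not part of the original article: the `TRUSTED` table, the 0.85 similarity threshold and the sample message are assumptions made up for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"netflix": "netflix.com"}  # assumption: brand you use -> its real domain

class Links(HTMLParser):  # collects [href, visible text] for every <a> element
    def __init__(self):
        super().__init__()
        self.found, self.inside = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self.inside = True
    def handle_data(self, data):
        if self.inside:
            self.found[-1][1] += data
    def handle_endtag(self, tag):
        self.inside = self.inside and tag != "a"

def host(url):
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def check_email(raw):
    """Return the warning signs found in a raw message, as a list of strings."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"] or "")
    sender, flags = addr.rpartition("@")[2].lower(), []
    for brand, real in TRUSTED.items():
        if brand in name.lower() and not ("." + sender).endswith("." + real):
            flags.append(f"display name says {brand} but sender is {sender}")
        if sender != real and SequenceMatcher(None, sender, real).ratio() > 0.85:
            flags.append(f"{sender} looks like a misspelling of {real}")
    links = Links()
    links.feed(msg.get_payload())
    for href, text in links.found:
        shown = text.strip()  # only compare link text that itself looks like a URL
        if re.fullmatch(r"(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?", shown) and host(shown) != host(href):
            flags.append(f"link shows {host(shown)} but opens {host(href)}")
    return flags

# Constructed sample message, not a real email.
SAMPLE = """From: Netflix Support <billing@netxflix.com>

<a href="http://login.example.net/verify">www.netflix.com/account</a>
"""
```

Calling `check_email(SAMPLE)` returns three warnings: the sender domain does not belong to the brand in the display name, the domain is a near-miss spelling of the real one, and the link text shows one site while the link opens another.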
EXAMPLE OF A PHISHING EMAIL
Here are some ways you might recognize this email as a scam.
- The “Action Required”: most phishing emails will require you to take immediate action, leading you to click on a link or send personal info without thinking.
- The email looks like a normal email, but you can see “via” followed by a website that doesn’t look like the “NetworkSolutions” website.
- The “Generic Greeting”: if you had to take action regarding a specific account, the email would greet you using that account name.
- It tells you the only way to resolve the issue is to click on the attached link.
Dealing With Phishing
Say you receive a phishing email. Recognizing it as a scam is the first step, but what do you do next?
What To Do If You Suspect A Phishing Attack
The best thing to do if you suspect a phishing attack is to block the sender and delete the email. You can also report the attack on the government’s website, which helps fight the scammers and protect other people: Report fraud and cybercrime
If you are worried that the information might be true, one thing you can do before clicking on any links or attachments is to contact the company in question, using an email address or phone number from their website that you know is real, and confirm with them whether they are indeed the ones who sent you this email.
What To Do If You Responded To A Phishing Attack
If you think a scammer has your sensitive personal information, such as your Social Security number, credit card number, etc., you need to report it on the government’s website: Report fraud and cybercrime
There you will see the steps to take for the specific type of scam that has happened. If you have lost money you also need to contact your local police.
If you think you have downloaded anything harmful onto your device, get up-to-date security software and run a scan.
Preventing Them
Security Software: You can install up-to-date security software on your computer so it can deal with any new security threats you may receive. On your phone, even without security software, setting software updates to automatic is safer for you, as these updates provide protection from threats.
Multi-Factor Authentication: This offers more security on your accounts, as logging in requires more than one credential. This makes it harder for scammers to access your information, because even if they get hold of one login credential, they still cannot log in.
Practice: There are multiple websites and games that offer a look at fake emails. This way you will get better at recognizing them and avoiding them when they land in your inbox. Here are some examples:
- This University keeps a database of recent phishing emails: Leigh’s University Database
- Here is a fun quiz to take and see how many phishing emails you can catch! Phishing Email Quiz