We usually see this term on the internet. But do you have any idea what “phishing” is?
Phishing is an online fraud in which a fraudster is disguised as a trustworthy entity in an electronic communication. Some hackers create phishing emails containing malicious links or attachments that can perform a variety of functions, including the extraction of login credentials or account information from victims.
What Does Phishing Email Look Like?
As mentioned earlier, cybercriminals pretend to be members of reputable corporations. They will send you emails with malicious links. Although cybercriminals can fake the emails, you can spot the differences between emails of the legitimate corporations and the fake ones. Often poor grammar, sentence structure and spelling are clear signs of possible deception and a good understanding of English grammar would help you avoid the bait of the fraudsters.
Don’t trust email with grammar issues
We don’t want to sound like grammar nazis. However, most of the time, spam emails and phishing mails have poor or distorted grammar. In a blog post on Microsoft (official website), it shows a sample of an email from a phishing scam. A suspicious email has lots of misspelled words and bad grammar. Come to think of it, big companies are strict when it comes to sending letters. Before releasing a copy, it should undergo a QA, and should be proofread by editors to ensure no errors.
Don’t Click The Link
Spammers (those who are practicing Black hat SEO) and fraudsters love inserting links to achieve their agenda. What you can do to avoid their tricks is, avoid clicking the links, especially if you doubt the intention of the letter. If you find yourself curious about the link provided, rest your mouse (but don’t click) on the link (or it could be hyperlinked words or paragraph) to check if the address matches the link that was typed in the message.
Don’t be intimidated by fear and threats
Con artists love intimidating people so they can manipulate them. Usually, they send email telling users that their security has been compromised. The best way to avoid this, is to ignore it and don’t reply nor click a link.
Scam Artists Imitate Popular Sites and Companies
To convince you that their emails are from the legit companies, they will use the logos (without permission) and web addresses that resemble the names of well-known companies but are slightly altered. So again, check the body of the mail, but don’t reply or click anything without checking the links.
Spotting a phishing email
- Look carefully at the email address. Check if it has numbers in it, or seem odd in any way. Check the phone number. If something suspicious, don’t continue checking the link. Usually, big corporations emails have no numbers.
- Zoom in the logo and look closely. Compare the logo to those used on the company’s official website.
- If the content looks rushed and lots of grammar errors, don’t trust it.
- To check the links without clicking, hover the mouse over the link, or copy the link address into a Word Document. If it doesn’t match to the official page, then, it is a scam mail.
There are two types of phishings:
Spear phishing – an online communication scam targeting a specific individual, organization or business. It intends to steal data for malicious purposes. Most of the time, online scammer intends to install malware on a targeted user’s computer.
Whale phishing – Its target is wealthy, powerful, or prominent individuals. The term “whale” describes the victims belong to prominent class.
Aside from emails, cybercriminals also use phones to bait victims. They could offer you to help solve your computer problems or sell you a software license. Once they’ve gained your trust, they will ask your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable. If you have received calls, be skeptical. Do not provide any personal information.
Although it is advisable to ignore sketchy offers and emails, experts are encouraging us to report a phishing scam. If you receive a fake phone call, take down the caller’s information and report it to your local authorities.