We’ve all heard about phishing on the internet. Some of us have even become victims of its malicious intent. So, what is Phishing, what does a Phishing attempt look like, and how can you stay well clear of its path? Read on to find out more!
What is Phishing?
Phishing is a cybercrime used to steal someone’s sensitive data which can include their personal information, their banking details, and their online usernames and passwords – generally via email.
Common Tells of Phishing Attacks
It’s easy to tell when someone is trying to steal your personal information when you know what you are looking for. Here are some of the top techniques to look out for and to be aware of:
1.) An Unknown Sender
This sentiment rings true throughout a lot of facets in life, especially so when it comes to phishing. Look out for overly pushy subject lines, any promises of free merchandise, savings that seem irregular or even impossible. You haven’t won a competition you don’t remember entering.
2.) Unexpected Attachments
If you receive an email that you are somewhat suspicious of or even an email you might have been expecting that has an out-of-place attachment – do not open it! Attachments can contain harmful viruses, ransomware, adware, worms or even trojans. The only attachment that is safe to open, no matter the circumstances, is a .txt file.
3.) If It Sounds Too Good to Be True, It Is
This sentiment rings true throughout a lot of facets in life, especially so when it comes to phishing. Look out for overly pushy subject lines, any promises of free merchandise, savings that seem irregular or even impossible, and winnings for competitions you don’t remember entering.
4.) Business Emails Sent from Public Domains
When receiving direct emails from businesses, have a look at the email address that the email was sent from. The chances of a certified and registered business that you have dealing with sending you an email from a public domain (@Gmail.com/@Yahoo.com/Hotmail.com/MSN.com/etc.) are slim to none.
5.) Termination Of Service Threats
Be wary of both emails and SMSs that lead with a threat to terminate a service you or your business are using. These threats will normally be followed by a date indicating when this termination will take place, which is meant to provide a sense of urgency in order to scare you into clicking on a phishing link or button. Do not fall prey to this trick. If you receive one of these emails or SMSs, contact the business directly and find out if the communication you received is genuine or not.
Preventative Steps You Can Take to Avoid Becoming a Victim
1.) Bookmark the Correct URL
Use your internet browser’s bookmark function to save and store website URLs that you use regularly. This way you will avoid gaining access and entering a cloned site – the sole purpose of which is to capture and steal your personal and login information.
2.) Utilise Spam Filters
Spam filters can assess where the email has come from, what software was used to send it, and can read the contents of the mail to tell if it is a legitimate email or not. It then blocks the email from entering your inbox, quarantining it inside your email’s ‘Spam’ folder.
3.) Hover Over URL Links
When you receive an email that contains a link, don’t just click on it and hope for the best. Hover over the link and see if ‘https’ appears at the beginning of the links URL. This is called a valid Secure Socket Layer, or SSL. All secure, and trusted, websites have SSL enabled.
4.) Regularly Change Your Passwords
To make sure your passwords are safe from cybercriminals, try to change them every few months. Also, don’t use the same password across all of the different sites you need to log in to because if this one ‘master password’ gets stolen via a phishing scam, they will theoretically have access to all of your private information. Our recommendation would be to use variations of three to five passwords across your various logins.