Many of us think cybercriminals are masterminds who execute futuristic computer attacks to steal millions of dollars. The truth is, they are simply scam artists trying to steal from unsuspecting Internet users like you and me. One of their favorite techniques is called “phishing.”
Phishing is a form of digital fraud by which the attacker tries to trick you into giving them your personal information. Usually attackers use emails or phone calls to impersonate individuals or businesses you recognize, or have a relationship with, such as banks or Internet Service Providers. Phishing attacks can cost a company millions of dollars. For regular folks, it could mean the loss of one’s entire life savings. according to Wombat Security’s 2016 State of the Phish report, 85% of organizations have suffered from a phishing attack.
Phishing attacks also are rampant among individual users. Sadly, 97% of people around the world cannot identify a phishing email. Even more frightening is the fact that 30% of all phishing emails are made to look so authentic that many people unknowingly open them. This is why companies and consumers must be diligent about protecting themselves from these scams. To arm you against phishing attacks, we’ve outlined some of the most commonly used tactics and ways to protect yourself:
Don’t automatically trust the name displayed.
Just because your email says it’s from your bank or grandmother, doesn’t mean that it is. Don’t always trust the name displayed in the “FROM” field of a new email you receive. A favorite tactic among phishers is to mask the display name of an email the name of somebody in your contacts. This tactic is known as spoofing. For example, if a fraudster wanted to impersonate your bank, the displayed name would read “your bank.” You can avoid this trap by taking your mouse and hovering over the displayed name to view the full email address If the email address doesn’t match the name, it’s a good bet that it came from a fraudster. If it is a phishing attack, the email should be deleted and reported as spam immediately. Also, be sure you have spam protection enabled.
Be on the lookout for non-personal salutations.
If the email’s opening line begins with a vague greeting, such as, “Dear valued customer,” it’s a good sign that it came from a scammer. Legitimate businesses that have a relationship with you will have your contact information, and will usually address you by your first and/or last name.
Look but don’t click on suspicious links.
Fraudsters love to embed malicious links in the text of an email. If you have received and opened an email with a suspicious looking link, we have an easy way to confirm that the link is legitimate. Simply hover over the link and a preview showing the first few lines of text and images from that site. If the link doesn’t match the site preview, it is highly probable that site is from a fraudster. Don’t click on the link and delete the email. Fraudulent links will lead you to an alternate site or an online advertisement -- all of which may contain malicious malware.
Look out for frequent spelling errors.
Spelling errors in an email subject line or the body of an email is a dead giveaway that the message is from a phishing scammer trying to get your information. If you see frequent spelling errors, anywhere in the subject line or email body, delete the email or confirm who it came from first before responding to it or downloading anything from it.
Look but don’t download suspicious attachments.
A common practice of email phishing is to include attachment viruses and malware that can damage files on your computer, steal private information and even spy on you without your knowledge. You can easily spot this by looking at the file extension such as .bat, .btm, exe or m4k. If you don’t recognize those extensions, the attachment may have come from a scammer and the email should be evaluated using the other factors mentioned in this post.
These tips are just a few ways you can protect yourself from phishing scams. Keep in mind that new tactics to scam people are always being developed. You’ll need to keep your mind’s fraud sensor turned all the way up every time you get an email you weren’t expecting. By following these simple tips, you can save yourself a lot of time and money from these scams.