Don’t get hooked!
Email phishing 101
Phishing is a type of online scam and easiest form of cyber attack, which can provide criminals everything they need to gain access to every aspect of your life. It is usually carried out through email that appears to be from legitimate companies to trick receivers into providing their personal information. The email usually includes a link that direct targets to malicious websites posing as legitimate sites and ask targets to enter their personal information such as credit card numbers, usernames, passwords, date of birth, etc.
Report phishing emails
Take a more proactive role to stop phishing by reporting them to the authorities. Forward spam emails to firstname.lastname@example.org.
Phishing happens over the phone too!
Scammers are always looking for ways to get what they want to carry out fraud. With today’s technology, these crooks can make their phone numbers appear authentic (e.g. match the phone number on the back of an ATM card). Again, the objective is to get sensitive information.
Can you outsmart internet scammers? Take this quiz to find out https://www.opendns.com/phishing-quiz/.
Avoid falling for a phishing scam
Use your own link. Do not click on the link included in the email. If you use a company and have a bookmark for the website, use that. Otherwise use a search engine to find the company’s correct site.
What to look for in a phishing email
1. Generic greeting. Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like “First Generic Bank Customer” so they don’t have to type all recipients’ names out and send emails one-by-one. If you don’t see your name, be suspicious.
2. Forged link. Even if a link has a name you recognize somewhere in it, it doesn’t mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, don’t click on the link. Also, websites where it is safe to enter personal information begin with “https” — the “s” stands for secure. If you don’t see “https” do not proceed.
3. Requests personal information. The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
4. Sense of urgency. Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.
What to look for in a phishing website
1. Poor resolution. Phishing websites are often poor in quality, since they are created with urgency and have a short lifespan. If the resolution on a logo or in text strikes you as poor, be suspicious.
2. Forged URL. Even if a link has a name you recognize, it doesn’t mean it links to the real organization. Read URLs from right to left — the real domain is at the end of the URL. Also, websites where it is safe to enter personal information begin with “https” — the “s” stands for secure. If you don’t see “https” do not proceed. Look out for URLs that begin with an IP address, such as: http://126.96.36.199/firstgenericbank/account-update/ — these are phishes.