Today we would like to inform you about phishing. What it is, how you can protect yourself from it and tips on identifying phishing attacks.
Protecting yourself against phishing
Cyber criminals are taking advantage of the uncertainty and the increased stress that the pandemic has caused all of us. Not to mention that we all have received an increased number of emails due to updates regarding Covid-19.
Phishing is a method of cyber-attack using email, social media, text messages, and phone calls to trick the victim into giving out personal information. The attacker will then use the information to access personal accounts or commit identity fraud.
Another goal for a phishing attack is to trick the mark into downloading and installing malware on their personal device.
How do phishing attacks work?
Email is the most common tool used in phishing attacks. The attacker will disguise the email to look like it was sent from a legitimate company. For example, an attacker could craft an email to look like it was sent from your bank.
How to spot a phishing email?
- Look at the “from” email address
If you receive an email from a business, the portion of the sender’s email address after the “@” should match the business name.
If an email is representing a company or government entity but is using a public email address Like “@gmail.com” is a sign of a phishing email.
Keep an eye out for subtle misspellings of the domain name. For example, let’s look at this email address: firstname.lastname@example.org. We can see that Netflix has an extra “x” at the end. The misspelling is a clear sign that the email was sent by a scammer and should be deleted immediately.
- Look for grammatical errors
An email that is full of grammatical mistakes is a sign of a malicious email. All the words maybe spelling correctly, but sentences are missing words, that would make the sentence coherent. For example, “Your account is been hacked. Update password to account security.”
Everyone makes mistakes, and not every email with a typo or two is an attempt to scam you. However, multiple grammatical errors warrant a closer look before responding.
- Suspicious attachments or links
It is worth pausing for a moment before interacting with any attachments or links included in any email.
If you don’t recognize the sender of an email you shouldn’t download any attachments included in the email as it could contain malware and infect your computer. If the email claims to be from a business, you can Google their contact information to verify the email was sent from them before opening any attachments.
If an email contains a link, you can hover your mouse over the link to verify the URL is sending you where it should be.
- Watch for urgent requests
A common trick used by scammers is to create a sense of urgency. A malicious email might manufacture a scenario that needs immediate action. The more time that you have time to think, the greater the chance that you will identify the request is coming from a scammer.
You may receive an email from your “boss” asking you to pay a vendor asap, or from your bank informing you that your account has been hacked and immediate action is required.
Thank you for taking the time to read our newsletter, we hope this information helped you understand more about cyber attacks and how to prevent it from happening to you. We are happy to help and support our customers.