There are times when hackers break into networks and accounts using a variety of tricks. There are also times when they rely on something much less sophisticated, such as phishing.
In short, phishing is nothing more than a tactic that tricks a user into providing confidential information, such as passwords, Social Security numbers, or financial data.
Indiana University does a great job explaining the basics of phishing:
“Phishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (e.g., your university, your Internet service provider, your bank). These messages usually direct you to a spoofed website or otherwise get you to divulge private information (e.g., passphrase, credit card, or other account updates).”
If you’re concerned about falling prey to a phishing scam – and you should be – there are several steps you can take to avoid trouble. Here are five things you should absolutely be doing:
1. Learn to ID Suspicious Emails
Like many people, you probably receive quite a bit of email every day. While there’s nothing wrong with this, the volume can bog you down. As a result, you may find yourself opening emails that you would have otherwise ignored.
Here are some of the things scammers do in order to appear legitimate:
- Duplicate the brand of a real company, including its name and logo.
- Include links to websites that appear similar to the real company’s online presence.
- Promote something of interest, such as a free gift or an upgraded account.
If you have any reason to believe that an email is suspicious, it’s best to delete it without delay.
2. Use Common Sense
Would your email provider really ask you to share your password in an email? Would your bank really ask you to provide your account number and PIN via email?
Never respond to an email in which you’re asked personal questions. If a legitimate company has a question or concern, it won’t send a basic email asking for answers. Instead, it will contact you via snail mail or phone.
3. Computer Security
Is your computer protected to the fullest extent? If not, now is the time to make some changes.
For example, make sure your antivirus software is up to date. Along with this, keep your operating system and browser current.
Tip: if you are part of a company, for example as a business owner, you may want to implement a data protection policy to help guide your employees.
4. Read Your Email as Plain Text
If you come across a suspicious email, the best thing you can do is read it as plain text. This will give you a better idea as to whether or not it’s legitimate.
Phishing emails often include clickable images that appear legitimate on the surface. However, by reading these messages in plain text, you will see the actual URL that the image links to.
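The check from tip 4, as an added example that is not part of the original article: a Python standard-library script that reads a raw message and lists each link's real destination beside what the HTML view shows, flagging links whose visible text names a different host. The sample message and the names `LinkLister`, `host_of` and `plain_text_links` are constructed for illustration.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (reserved example domains), not a real phish.
SAMPLE = '''From: "Example Bank" <support@example.com>
Subject: Your upgraded account
Content-Type: text/html; charset="utf-8"

<html><body><p>Claim your free gift:</p>
<a href="http://login.example.net/verify"><img src="cid:logo" alt="Example Bank"></a>
<a href="http://login.example.net/verify">www.example.com</a></body></html>
'''

class LinkLister(HTMLParser):
    """Collect (destination, what the reader sees) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._seen = [], None, []
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a":
            self._href, self._seen = attrs.get("href") or "", []
        elif tag == "img" and self._href is not None:
            self._seen.append("[image: %s]" % (attrs.get("alt") or "no alt text"))
    def handle_data(self, data):
        if self._href is not None and data.strip():
            self._seen.append(data.strip())
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join(self._seen)))
            self._href = None

def host_of(text):
    """Hostname named by a URL or bare domain, or '' if text is neither."""
    if " " in text or "." not in text:
        return ""
    return (urlparse(text if "://" in text else "//" + text).hostname or "").lower()

def plain_text_links(raw_message):
    """Return [(href, shown, mismatch)] for the HTML body of a raw message."""
    body = message_from_string(raw_message, policy=default).get_body(("html",))
    if body is None:
        return []
    lister = LinkLister()
    lister.feed(body.get_content())
    return [(href, shown, bool(host_of(shown)) and host_of(shown) != host_of(href))
            for href, shown in lister.links]
```

Calling `plain_text_links(SAMPLE)` shows that the logo image and the text "www.example.com" both lead to `login.example.net`, and only the second is flagged, because an image gives no visible host to compare against.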
5. Pinpoint Poor Quality
While not always the case, most phishing scams are associated with poorly written content. For example, the sender may use a variety of languages in the message. Along with this, there will be typos and grammatical mistakes throughout.
A poorly composed email should be a red flag.
Every year, phishing is responsible for tens of millions of dollars in damage to companies throughout the world.
As an individual, there are steps you can take to avoid a phishing scam. If you follow the five tips above, you’ll feel better about your ability to pinpoint trouble.
Final note: as previously mentioned, it’s better to be safe than sorry. If you have any questions about the legitimacy of an email, don’t spend any time with it. Instead, send the message directly to your trash folder.