For those of you who don’t know, the term “Phishing” describes a common activity by scammers and hackers on the internet. Essentially, the scammer tries to trick you into giving him your login or other confidential information by sending you an email requesting it that looks like it came from a reputable source.
For example: You might receive an email that claims to be from Wells Fargo, stating that there is a problem with your account and that you need to send them your login information right away to rectify the problem. Shocked and concerned, you of course comply with their request, and suddenly you gave your sensitive information to the wrong person. It’s quite an insidious trick in this author’s opinion.
So, you might be asking, how do I avoid scams like this? Well, thankfully there are a few telltale signs.
First: The sending address. Most of the time, phishing emails are pretending to be an official email from a bank, email service, or a similar company. You will have likely received emails from these sources before, and they all have very specific email addresses that they use to contact their customers. A phishing email will try to look like it’s from the correct address, but it won’t be. For example, Yahoo.com always uses an address that ends in “@yahoo-inc.com”. No one else has an address like that, so you know that if you receive an email pretending to be Yahoo asking for your account info that doesn’t have that address, it’s a phishing attempt. If you’d like to find out what the correct email address is for your services, each of them will have a Q&A regarding phishing on their support sites.
Second: Phishing emails will usually have a subject line that says something like “Urgent Action Required!” or “Your account will be closed!”. Phishing emails will try to use your concern to their advantage. Don’t let this trick fool you, and carefully examine the email and check with the proper channels about the supposed problem.
Third: Phishing emails will often include a link to a fake website. While you should avoid clicking these links at all, if you follow the link and find that the website looks unfamiliar to you, it is probably fake. Check the URL address at the top of the page, and make sure it looks like the website you are trying to reach. Barring that, the best solution when you receive such an email is to navigate to the website manually instead of using the link. If the email is genuine, you’ll be able to access all the information you need without using the link at all.
A useful trick to test a website that you suspect may be fake, is to enter the incorrect password on purpose. If it is a genuine site, it will give you an error because the password is wrong. This does not always work, however, so be cautious and use the tricks I’ve listen above to verify the site before continuing. If you believe you are on a fake, Phishing website, you should close your browser immediately.
If you have any more questions regarding Phishing, or would like assistance in securing your place of business, you can contact Netrique at any time using our contact page.