What is phishing?
The definition of phishing is: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. Similar to the word “fishing” the name says it all. A Hacker will use bait in the form of a email seemingly from a trusted source. They will attempt to have you click a link where they will confirm your credentials so they may make fraudulent accounts or hack your current accounts.
We have all at some or seen or heard of a phishing email. Some well known examples: the prince of Persia has passed away and lucky you, you are the last living descendant, and will inherit $100,000,000, we just need your banking info to send it. What about, you owe $100,000 in Federal back taxes and you will lose your home unless you pay in full, or congrats you won a contest for $50,000 we just need your info to deliver payment. The above examples are more so exhausted and outdated attacks that everyone has heard of. Hackers these days are getting more camouflage and sneaky with their approach. A lot of today’s hackers are sending emails almost identical to what you would expect to receive from a reputable business. In all these emails the sender will ask to click a link to confirm account information or data. Here are a few tips and tricks to be sure that you are never subject to a phishing attack.
Most companies do not request information via email
It is very likely that if you find an unsolicited email in your inbox that has a link or attachment prompting you to provide information, it is a con. No reputable company out there today would ever ask for personal or business info over phone such as passwords. credit card info, tax info, credit score etc. Also, no reputable company will ever ask you to log in threw a link they have sent you.
A company that knows you, typically addresses you by name.
Lets face it, customer service has grown exponentially in the last few years. A company whom you do business with or a company trying to gain your business is going to address you by name. A hacker on the other hand, likely does not know your name. Since the do not know your name they usually address you as “Dear account holder”, “Dear valued customer”, etc. If a company you do business with needed something from you they would address you by name and likely ask for a call by phone.
Real companies have domains
If you are to hover over the ‘from’ address in an email you’ve received, you will notice it will pop out and email. This is the email address the original email was sent from. So if you received an email from ABC Bank likely it would read: Name@abcbank.com. Everything after the ‘@’ symbol is the domain. Legitimate companies have domains in their name and you should always check this to be sure the email you have received is from the source it is claiming to be. Now, look at this email and see if you spot the difference email@example.com. Notice the addition of the number ‘1’. Hackers have gotten wise that people are being more safe. As you can see it is almost the exact same except for 1 character. You can see how this could be easily overlooked. Remember, this is not necessarily always going to be the case as some companies do use unique domains to send emails, and some companies do use 3rd party email providers.
Real companies know how to spell
Another thing to keep an eye on is bad grammar or spelling. If you were receive an email from a reputable company it should be well written. It is know that hackers do prey on uneducated people because they think they are less observant and therefor, better targets.
Even with all the protections put in place by knowledgeable techs, it truly only takes a single person in any organization who is untrained to be had by a phishing attack. If this happens then you will give away everything you have worked so hard protect. It is imperative that all employees from the CEO to the data entry clerk know what to look for in a phishing email and know what to do when one is received.