Get up to speed on email phishing scams and how to protect yourself.
What are phishing scams?
Email phishing scams are one of the most common cyber attacks in use today. Phishing is a long time social engineering tactic used to trick people into giving up information the attacker wants. The term “phishing” is a play on the actual word, fishing. The attacker being the fisherman, attempting to lure their victim with the email as the bait.
The attacker will pretend to be someone you know or trust by using email, social media, and other online avenues. More often than not, the perpetrator will try to get you to click a link in your email that sends you to a fake website. The fake website might directly attempt to get the victim to input personal, or even bank information. Again, the attackers will make every attempt to appear like a legitimate person or company. It is crucial to be able to identify these various tactics in order to protect yourself from fraud.
How do they work?
As mentioned, the most common attacks are email phishing scams disguised as actual emails. Some phishing attempts are more obvious than others. The email could be from a company you work for, or even a friend or family members own email address that has already been compromised.
Next, the contents of the email will contain some sort of payload or call to action. Potentially, even fear tactics to get the victim to divulge information. Often times there is a malicious link in the email and the attacker will use the fear tactics or persuasion to get you to click it. Once the link is clicked, a number of things might happen. Your PC may download malware or ransomware, which will infect your computer with malicious software. The link could also lead you a website attempting to get you to fill out a form with personal information in order to eventually use it in identity theft fraud.
Lastly, another common email payload in the phishing attack could be a Microsoft Office document. Office documents are known for being used as gateways to exploiting a users computer. The attacker will persuade the victim to enable macros in the Office document, which can grant them permission to install malware or ransomware, as mentioned above.
How can you protect yourself?
Using the information above, and a bit of common sense, will go a long way in protecting yourself from email phishing scams. In addition, IDP Deals has compiled the points below to use as guidelines:
- Always check the sender address in any email you get. Trust only email senders that you know personally, or are from organizations or company’s where you are certain of their legitimacy.
- Never click on website links or URL’s inside any suspicious email.
- Never reply to a suspicious email with any personal information, especially your Social Security Number.
- If you receive an email that says “Congratulations! You have just won $1000!” and then proceeds to ask you for your personal information, don’t do it. As the saying goes, if it sounds too good to be true, it probably is.
- Don’t give in to repeated phishing attempts, or fear tactics. Sometimes attackers are very persistent and may even threaten you in an attempt to get information out of you.
- Be cautious of someone asking you to open attachments in your email. This could be an attempt to install malware or ransomware as discussed previously.
- Protect your computer with anti-virus and anti-malware software for additional protection.
- Again, use common sense and treat suspicious emails with caution.
Armed with this information, you are now ready to take on even the best email phishing scammers out there! If you are looking for even more protection, IDP Deals recommends enrolling in an identity theft protection service. LifeLock services are tailored to protect against such scams in addition to fraud, and much more.