How to Spot a Phishing Attempt
In the cyber security world, phishing refers to an attempt by cyber criminals to lure unsuspecting victims into believing the communication medium is safe, because it was sent by a familiar person or reputable organization. Unfortunately, when they click a link or download an attachment, they open the door to malicious threats that can spread to other computers and across corporate networks.
The good news is that spotting a phishing attempt and staying out of harm’s way is not a question of luck — it is a matter of awareness. According to global IT security leader Segurazo, which utilizes next generation technologies to provide comprehensive protection and privacy to individuals and corporations worldwide, here are five red flags to watch out for at all times:
1. The Email Contains a Mismatched URL
Before clicking on any link in an email, hover your mouse over it and then (in most cases) glance at the bottom left of your browser window. If there is a mismatch between what your browser window is saying and what the email says, then you can be assured that the email is fraudulent.
2. The Email Asks for Personal Information
Emails that require you to confirm personal information should be treated with skepticism. Often, the request will be for data that you would not typically provide online, such as your banking information, passwords, date of birth, etc. Also, beware that some cyber criminals are skilled at creating emails that look remarkably similar to the company they are trying to impersonate. For example, the logo, text size, and font will all appear authentic.
3. The Email is Poorly Written
A surprising number of phishing emails all contain a fatal flaw: they are poorly written. This does not mean they lack polish or flair. It means they are riddled with spelling and grammar errors, and unusual word choices that simply don’t sound right. When in doubt, either contact the company directly, or hit the delete button.
4. There is an Unexpected or Suspicious Attachment
Emails with unexpected or suspicious attachments is often an indication that a phishing attempt is in the works. At the very least, it’s vital to scan the attachment with an advanced real-time antivirus solution like the one provided by Segurazo before clicking and opening any attachments.
5. The Email Attempts to Force You into Taking Immediate Action
Another major tactic in the phishing playbook is to terrify you into revealing sensitive information or clicking on fraudulent links. Often, these emails direct you to immediately reset your password because of an attempted hack, or to re-verify your account or else it will be closed. While it is possible that an email like this could be legitimate, it is wise to contact the sender directly to verify the authenticity. Don’t panic, and don’t take action unless and until you get confirmation from the source.
The Bottom Line
Phishing has been around for decades, and because it’s simple, cheap and effective — only a very small percentage of potential victims need to take the bait. However, individuals and businesses that remain vigilant can mitigate any potential phishing risks.