Phishing – one of the easiest scams in a hacker’s playbook. All it takes is one click of a link, and a phisher can take full control of your computer or smart device. But how can a phishing scam be spotted, and how can you minimize the danger? Welcome to the Managed Services Blog, and today, we will look into the ways you can protect yourself from phishing attacks.
In previous entries of the Managed blog, we have discussed what the dangers of phishing are, but what exactly is phishing? According to Merriam-Webster, phishing is “a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly.” This is pretty much accurate for almost all phishing attacks, but it’s not only emails, as we shall see.
So how does phishing work? Basically, a hacker sends a link, in either an SMS, email, or social media post, urging the recipient to click on it because something amazing or terrible could happen if they do or don’t. The victim clicks on it, and unwittingly downloads malware to his or her computer or device, giving access to the scammer. After gaining access, the hacker can then gather passwords, access store or bank accounts, steal files, or install ransomware.
It is one thing knowing what phishing is and what goes into an attack, but it’s another thing to know how to spot an attempted phishing scam. Let’s see some of the most common points:
1. Sender field: For suspicious emails, check the sender field – that Update Password email from Google might look real, but it could be sent by someone else from somewhere else entirely.
2. Content: Read the content carefully, and between the lines too – phishing emails, SMSs, and posts create pressure to click a link, with tactics like a close deadline or persuasive text that, for example, creates a fear of losing something irreplaceable.
3. Grammar: Most emails from respected companies like Amazon or Google use well-written text in their emails – if the emails you get seem off in the grammar department, don’t trust them.
4. Links: If there is a “Click Here” link in the message with no visible link, hover the cursor over the link, and see the destination – if you don’t recognize it, just don’t click it.
At the end of the day, though, as with many things on the internet, if something doesn’t look right, it’s better to trust your instincts and leave it alone – the results would be better in the long run.
And with that, that will end this week’s edition of the Managed Services Blog. Check back next week for more intriguing topics. Until then, take care and stay Cyber Safe.