Over recent years, cybercrime has become much more sophisticated, and it targets everyone from home users to international organisations. This article discusses the most popular and sophisticated type of online scam, phishing: how it works, which email topics cybercriminals use most often, and how to identify a phishing email.
In a nutshell...
What is 'phishing' and how does it work?
'Phishing' is an online scam in which criminals send individuals or organisations an email that appears to come from a legitimate company and asks the recipient to provide personal information. The emails usually urge you to reply, follow a link included in the message, or download an attachment.
The term 'phishing' is a play on the word fishing: the cybercriminals dangle a 'lure' (an email or a link) in order to obtain sensitive information from anyone who takes the bait and opens the email or the link.
The scam works because the communication appears to be initiated by a legitimate person or company. Repeated phishing attacks all around the world have imitated messages from financial institutions, online retailers and services (ex: Amazon, eBay, PayPal), social networks (ex: Facebook), or even from a friend or colleague. In order to make phishing look genuine, attackers include photos and information from the original website.
What do they want?
Nowadays, all of our vital information is on our computers and by getting access to your computer via malware or by pretending to be someone else, cybercriminals' options of what to do with your information are endless.
Generally, phishing emails aim to gather information such as social security number, passwords, bank account number, credit card details, PIN number, home address, social media account, birthday, mother’s maiden name and other information that could be compromised or used against you.
With this information, criminals can withdraw money, make purchases, steal your identity and open credit card accounts in your name, further trade that information about you or even blackmail you.
How to recognise a phishing email?
The Enterprise Phishing and Resilience Report reveals the most used topics and emotional factors used to attract victims' attention in their inbox.
What all these scam scenarios have in common is that they create a sense of urgency to open and read the email, and the majority of phishing emails contain some sort of 'gift' in the form of a coupon, discount or freebie. Of course, legitimate companies that we know do sometimes send us special deals or discount codes, and sometimes we do receive a genuinely urgent email; that is why it is so important to go through all the clues that help to recognise a phishing email.
Clue 1: Do they know your name?
If the email is not addressed to the recipient, the name is spelt incorrectly, or it says 'Dear Customer' you should be suspicious. All legitimate companies have enough customer information to use the recipient's name or another meaningful identifier rather than addressing you as a customer/student/user or anything else that could fit thousands of other people.
Clue 2: The sender’s email address.
Look at the email header. Does the sender’s email address match the name and the domain?
Here’s an example: an email from Amazon that comes from “firstname.lastname@example.org” is legitimate. But an email that appears to be from someone at Amazon yet was sent from a different domain (not from ...@amazon.com), as in the email in the picture below, is almost certainly not from Amazon.
Clue 3: They ask you to send them or verify personal information via email.
Often, phishing emails claim that there was a problem with your recent purchase or delivery and ask you to resend personal information or simply click on a link to resolve it. Banks and legitimate e-commerce representatives will never ask you to do that, because a company does not need to verify information it already holds, and they know that handling personal information over email is unsafe for both sides.
Clue 4: They are portraying the situation as very urgent.
Be suspicious of any mail that has urgent requests (e.g. “respond in two days or you will lose this deal”), exciting or upsetting news, offers, gift deals or coupons (especially around major holidays or events, such as Black Friday or Christmas).
Clue 5: Typos, mistakes and low-quality pictures
In the past, scams could generally be spotted easily thanks to obvious grammar mistakes, typos and low-resolution pictures. Unfortunately, scammers have become much more sophisticated at creating the image of a legitimate company. However, a keen eye can still spot the difference: look out for images that don’t match the background or look formatted to fit the style of the email, stock photos (they have watermarks on them), and photos or logos uploaded at low resolution.
Clue 6: They claim to be from a law enforcement agency.
Law enforcement never uses email as a means of contacting people.
Clue 7: They ask you to call a number and give your personal details over the phone.
If this is the case, look up the company's official correspondence and use the phone number provided there to verify whether the request is genuine.
Clue 8: The sender does not have a signature on the email
If an email comes from an organisation, it should carry a signature (sender's/company's name, address, contact info, etc.). A lack of details about the sender or about how to contact the company points towards phishing. A legitimate company will always provide such information.
Other things to look out for:
1. Attachments
Phishing emails can also carry attachments such as PDF or DOC files that contain links or hide malware. Other times, they can cause your browser to crash while installing malware. Thus, never open attachments from a suspicious sender!
2. External links
What should you do if you have already clicked on a link in the suspicious email?
Firstly, check whether the domain is correct. Don’t forget that the link may look identical to the real one but use a variation in spelling or a different domain.
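The sender check from Clue 2 and the link-domain check just described can be automated. The checker below is an added example written for this article, not code from the original page; it compares the domain behind the From header and behind every link with the brand's real domain, and flags lookalike hosts and links whose visible text does not match where they actually go. The sample message, the brand domain `amazon.com` and the `.example` hosts are all constructed.

```python
# Added example: a small defender-side checker for Clue 2 (sender domain)
# and the link-domain check. All sample data is constructed.
import re
from email.utils import parseaddr
from urllib.parse import urlparse

def registrable_domain(host: str) -> str:
    """Last two DNS labels, lower-cased (crude: no public-suffix list)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def check_sender(from_header: str, brand_domain: str) -> list:
    """Clue 2: does the address behind the display name belong to the brand?"""
    display_name, address = parseaddr(from_header)
    if "@" not in address:
        return ["From header carries no usable address"]
    host = address.rsplit("@", 1)[1]
    if registrable_domain(host) == brand_domain:
        return []
    return [f"display name {display_name!r} but address domain {host!r} "
            f"is not {brand_domain!r}"]

_ANCHOR = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def check_links(html_body: str, brand_domain: str) -> list:
    """Where does each link really go, and does that match its visible text?"""
    brand_label = brand_domain.split(".")[0]
    findings = []
    for href, text in _ANCHOR.findall(html_body):
        host = urlparse(href).hostname or ""
        real = registrable_domain(host)
        if real == brand_domain:
            continue
        if brand_label in host:          # brand name used as a decoy label
            findings.append(f"lookalike host {host!r} (really {real!r})")
        else:
            findings.append(f"link to {real!r} instead of {brand_domain!r}")
        shown = urlparse(text.strip()).hostname   # text that looks like a URL
        if shown and registrable_domain(shown) != real:
            findings.append(f"link text shows {shown!r} but href goes to {host!r}")
    return findings

# Constructed sample message (not a real phishing email)
SAMPLE_FROM = '"Amazon Customer Service" <support@amazon-billing.example>'
SAMPLE_BODY = ('<p>Verify your account:</p>'
               '<a href="http://amazon.com.verify-account.example/login">'
               'https://www.amazon.com/</a>')

if __name__ == "__main__":
    for f in check_sender(SAMPLE_FROM, "amazon.com") + check_links(SAMPLE_BODY, "amazon.com"):
        print("!", f)
```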
Another thing to check is the area to the left of the web address: is there a closed padlock icon, or is the address highlighted in green? This indicates that the connection to the site is encrypted, so the data you transfer is protected in transit.
The padlock indicates that the site is safe:
And, of course, do not enter any of your information, and exit the website immediately.
One more piece of advice for preventing phishing: always trust your gut. It may not be the most scientific approach, but listen to what your intuition tells you. If something feels wrong, or if it’s too good to be true, it’s better to stay away from it.