Heard of Phishing and don’t know what it is? Don’t worry I have you covered and you don’t need to get confused with too much technical jargon. Getting to grips with this will help keep you safe online.
I’ll explain everything about Phishing, how to spot Phishing attempts and how to prevent Phishing attacks. I also go over the various types of attack you are likely to come across and how these could seriously harm you and your privacy.
Lastly I share some things to do with your phone in particular that can help with online safety. Let’s get to it!
What is Phishing?
Phishing is the fraudulent process of seeking sensitive information such as usernames, passwords and credit card details by posing as a trustworthy entity in an electronic communication – usually by email.
Phishing attacks are typically carried out through e-mails that may contain links to a fake website or a fake address where you can supposedly login and update your personal information. It is called phishing because it is a way of “fishing” for such information from victims.
Variations of Phishing attack delivery has led to some other terms you might be familiar with :
Smishing – were Phishing is carried out by sending SMS text messages
Vishing – Phishing attacks are attempted using voice calls
I have covered both of these in detail but all are basically forms of Phishing just using different contact methods. It can sometimes be referred to as Spoofing as they try to Spoof being a legitimate website or company.
What Types of Phishing Attack are There?
There are many types of Phishing attacks some more sophisticated than others. I’ve mentioned the different ways they can be delivered giving these different names.
They are usually widespread attacks – meaning they gather contact emails etc. in huge numbers through other hacking methods. Then the Phishers send out the emails en masse.
Sometimes they can be directly targeted at an individual or company – this is referred to as Spear Phishing.
Here are a few common types of Phishing Attacks
Bait and Switch : The attacker will send you an email in order to get your credit card number in the hopes that they can use it for illegal purposes. They will ask you to verify or update your credit card information. Sometimes this is done through a website link where the attackers have created a website that looks like one of the checkout pages, but it is actually not.
Pharming : The attacker will send you an email claiming that your account has been compromised by someone else and they want to help you. They ask for your credit card number (and sometimes other personal information) in order to verify that it is indeed yours. When you type in your credit card information they will use it for illegal purposes.
Fake Pages : The attacker will send you an email with a website link to, let’s say, iTunes or some other Apple site. You click on the link and it looks like it is opening up Apple store, but instead it opens up a fake page where they try to get you to enter your Apple ID and password. This is only one example, any email that asks you to click on a link can be considered “spoofing“.
There are more technical methods using popups and redirecting website urls that can include actually hacking the legitimate websites in order to steal your personal data.
How to Identify Phishing Emails
It is possible to spot some Phishing email but you need to be observant. Here are a few signs to look out for:
- Public email domains – By that I mean that they have an email address from a public domain such as yahoo.com, gmail.com etc. Legitimate Banks and companies don’t use Gmail addresses! Also look out for slight spelling differences in the email domain name. This applies to both their sending and receiving email addresses.
- Suspicious Links or Attachments – If you see a link or file and you don’t recognize where it is coming from, proceed with caution! If the email asks for any sort of personally identifiable information such as credit card numbers, social security numbers, passwords etc. – DON’T ENTER IT!
- If a link directs you to a webpage be very careful to check the page is legitimate and not a fake. Check the domain name and URL in your browser and look for any irregularities. If in any doubt leave and contact the company directly.
- Does it Use Your Name? – most legitimate company emails now address account holders by name for example Pay Pal do this as standard. If it is a generic Dear Sir or Madam be cautious.
- Poor Grammar and Spelling Mistakes – This is one of the most common giveaways for Phishing emails. If they are not written in perfect English it is more than likely a scam email. Also look out for poor spelling mistakes that would not be present in legitimate companies.
- Using Exaggerated Urgency – The email will often promise that this information is vital and you have to act immediately. Legitimate companies are not likely to use this tactic.
How to Prevent Phishing Attacks
First of all it should be noted that there is no perfect way for preventing phishing attacks. However, by using the following methods you can greatly lower your chances of getting caught out.
By now you should be aware that phishing emails can be very convincing, but if you are aware of the signs to look out for it is possible to prevent them from being successful.
- Keep your personal information safe – Do not give out any personal information online unless you 100% trust the company and website that you have entered it into. NEVER trust an email as this could lead to a Phishing attack.
- Be skeptical and don’t rush – If you get an email asking for any personal information take your time and do not be rushed into giving out any of your private details. Check the legitimacy of the company before entering anything into a website or email, this includes naming conventions of links and attachments as well as domain names. Do not be fooled by any tricks or scams.
- Use a good anti-virus and spyware protection – Make sure that you have a reputable anti-virus installed on your cell phone and computer and it is up to date. Also make sure that the programs are protecting against keyloggers, Trojans/backdoors and phishing sites or emails.
Being aware of Phishing and how it works is a great first step to preventing any attacks. Common sense can help a lot too!
Staying Safe Online
I hope you are more aware of how Phishing works and what you need to do to stay safe. Phishing scams and attacks are just one part of a complex set of threats we face online.
I have a whole Online Security Section covering a range of topics design to help. I also cover spy apps in detail and show how they can be used for good and bad purposes. They are another threat you need to be aware of today.
Have a good technical online security plan. By this I mean you should always work to make sure your devices are all as secure as they can be. So many people don’t even have a good antivirus app on their cell phones!
Remember we use our phones for so much these days from banking to social media. Your phone is the most likely place to get hacked now so take steps to stay secure.
Even basic security steps like having strong passwords and keeping your phone in you possession at all times can go a long way to staying safe. Have a good look around this website – hopefully you’ll keep learning!