Connect with us


How to Recognize Phishing Emails and Keep Your Account Safe



Photo: Pixabay

Phishing and other forms of cybercrime are on the rise. Even those who spend their days online can fall prey to cybercriminals, and we’ve seen it happen time and again. Phishing is a form of identity theft that occurs when a cybercriminal sends out emails with content designed to look like legitimate correspondence from a trusted company, friend, or loved one.

A phishing email might request you to verify account information or download an attachment that installs malware or spyware on your device. You might even be convinced to give up your identity and financial data by clicking a link in the message. If you want to avoid phishing attacks, it’s essential to know what they are, what to look for and how to be safe!

Not All Emails are What They Seem

Phishing is a cyber-attack in which the hacker tries to obtain sensitive information such as bank account numbers and passwords by masquerading as a trustworthy entity in an electronic communication. This situation is often done by sending an email that appears to be from, for example, a financial institution and asking the user to provide the information to log in and view their account.

The term phishing derives from the old English word “fishing,” meaning “to try to obtain something from someone.” Phishing is a type of scam that tricks people into giving away personal information. The email may come from someone you know, an organization you trust, or even one you have contacted in the past.

Phishing emails are carefully crafted to look like they come from a legitimate source. They can contain fake logos designed to make it seem like the email is from a legitimate company. The subject line of the email may sound urgent, asking for account information or passwords.

There are three ways to recognize phishing emails: 

  1. First, does the source make sense? 
  2. Is there an attachment? 
  3. Do you know who sent it? If any of these are true, then the email may be something you shouldn’t open.

Types of Phishing Attacks

There are many ways that spammers fool people into opening their emails. For example, they might have flashy graphics or official-looking words at the top of the message. Sometimes, the sender’s address might look like that of a friend or business associate, or it might even come from someone you’ve emailed before. These tricks work because most people don’t take the time to think about why they should be suspicious before opening an unexpected email attachment or clicking on a link in an email message.

Phishing scams can be very tricky to identify, but if you can know what the warning signs are, you may protect yourself from this crime. The most common form of phishing attack is spear phishing, which targets a specific person or company, and often comes in the form of an email with content tailored to the recipient.

Whaling is when attackers target high-level executives in the hope of getting access to their organization’s sensitive information. Vishing is when attackers use phone calls, texts, or other forms of communication to trick people into giving up their personal information.

How to protect your account?

Some of the typical phishing email tactics that you should be attentive are:

  • Asking you to verify your account credentials
  • Directing you to a fake website that looks like the real thing (e.g., login page, search engine)
  • Asking for personal or sensitive information (e.g., credit card number, bank account number, PIN)
  • Requesting passwords or security questions;
  • Directing you to download software that is not related to the mail’s topic
  • Sending you an invoice with no prior correspondence
  • Containing attachments that can infect your device with malware; and
  • Asking you to review goods or services that will be billed on recurring

Phishing scams are getting more and more sophisticated. As a result, the risk of people falling for these scams is increasing. The first step to protect your account is to look at the sender’s address and verify that it matches the site’s domain name you’re trying to log in to. If it doesn’t, take a step back and question whether you should enter your information into that page. The second step would be to keep your password safe by not sharing it with anyone, avoiding public computers when possible, and using a unique password for every website or service that requires one. Finally, take care of online safety and learn to recognize phishing on time.