Have you ever received an email claiming to be from your bank telling you that your account has been compromised and you need to verify your identity by clicking on a link? Chances are that was a phishing email from cybercriminals who want to steal your information.
What is phishing?
Phishing is a type of cyberattack in which hackers trick you into giving out your personal details, such as login credentials and credit card numbers, by posing as someone you personally know or a trusted organization. They usually do this by sending out emails with a link to a spoofed site that asks for your personal information. They can then use your data to steal your money, make fraudulent transactions, or commit identity theft.
What are the signs of a phishing email?
Fortunately, there are signs that can help you identify a phishing email and prevent hackers from stealing your information.
#1 The email asks you to click on a link or download an attachment
Legitimate companies will never send emails asking for sensitive information. Instead, they will ask you to call them regarding any concerns about your account. So if you receive such types of emails, don’t click on links or download attachments embedded in them. Doing so may bring you to a compromised site or infect your computer with malware.
#2 The email doesn't mention you by name
Many phishing emails use generic salutations like "Dear valued client", "Dear customer", or "Dear cardholder." On the other hand, legitimate companies will almost always address you by your name, especially if they need to talk to you about anything important.
#3 The email uses an odd or altered email domain
Phishing emails usually use an odd or altered email domain that looks similar to the one they're mimicking. For example, instead of “@paypal.com”, they use “@paypal1.com” or “@payypal.com”. You can check this by hovering your mouse over the "from" address. Cross-check the email address against your records, and if it's not listed, you had best delete the email altogether.
#4 The email is poorly written
The most obvious sign of a phishing email is bad grammar. Hackers often overlook using correct grammar and spelling in constructing phishing emails. On the other hand, legitimate clients make sure their emails go through an extensive editing process to check for grammar, spelling, and legality issues. So if you spot any spelling and grammar errors and strange phrases in your email, there's a big chance you’re being scammed.
#5 The email pretends to be urgent
Another trick cybercriminals use when creating phishing emails is to make these sound urgent. Urgent-sounding emails can cause the recipient to panic, making them more likely to click on a compromised link or download a malware-infected attachment.
If you receive an email that expresses urgency, keep calm, and check the email properly. Try verifying the sender's identity. If it's someone you know, give that person a call to ensure the email is safe.
What should you do if you spot a phishing email?
If you come across a potential phishing email, you should immediately report it to the following organizations:
- Google – https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
- United States Computer Emergency Readiness Team – firstname.lastname@example.org
- Anti-Phishing Working Group – email@example.com
- Federal Trade Commission – firstname.lastname@example.org or https://www.ftccomplaintassistant.gov/#&panel1-1
- FBI’s Internet Crime Complaint Center – https://www.ic3.gov/default.aspx
Remember, it only takes one unsuspecting employee for a phishing attack to infiltrate your system and steal your company's valuable information. To prevent this, you need to partner with a reputable managed IT services provider such as Complete Document Solutions. Download our free eBook to learn the three essential types of cybersecurity solutions your business needs.