On a daily basis, organizations and individuals are subjected to attempted phishing scams. There is a constant barrage of malicious emails, so it is understandable why so many fall victim to ransomware or other malware. Some phishing emails are obvious frauds, but others appear authentic, and could win us over (who wouldn’t want to wire an advance fee of $100,000 to a Nigerian prince?!).
To help you get a better sense of the danger phishing poses, let’s take a detailed look at the history of these scams, what they entail, and how you can protect yourself against them.
What is Phishing?
The Department of Homeland Security puts it succinctly:
“Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords that can further expose them to future compromises.”
Scammers use phishing tactics to gain peoples’ banks account numbers, credit card data, passwords, and to infect your system with harmful software. These scams have existed for decades; starting in the 1990’s, they have evolved accordingly with new trends in electronic communication. Having traditionally used email, scammers now also utilize anything from social media to text messages as a means of attaining your information.
How does this scam work?
A seemingly legitimate business contacts you, asking you to provide or confirm personal information. For example, they may say they are a representative of your bank and need you to verify the information they have on file for you.
These messages look genuine, often copying legitimate message formats used by the agency the scammer is pretending to represent. Their message may also include a link that looks real, but can actually be hazardous once you click on it.
Once you provide the phisher your personal information, they will use them to carry out fraudulent activities in your name, potentially using your financial assets and moving your funds into their own account.
What can you do?
Simply put, when it comes to suspicious emails, do not trust, just verify.
Like all cyber security countermeasures, those which address phishing scams must change and adapt as the security threats themselves evolve. Unfortunately, attempts to thwart phishing scams can’t work every time. That is why it is important to be well versed in phishing, and to accurately assess any messages you receive and use your best judgement. Here are a few ways to spot phishing emails and better your chances of not being scammed:
- Don’t open any attachments
- Scan the message for misspelled words, improper grammar, or logos that are slightly off
- Verify URLs in the email by hovering over them
- Look for requests for personal information
You are your primary line of protection against the bad guys. By understanding phishing scams and following rules for maintaining security, you’ll keep your personal information safe and secure – and not in the hands of some faraway “prince.”
Contact us today to discuss your systems and learn more about how you can protect your data from corruption and hackers.