Cyberattacks today use the techniques used by magicians: sleight of hand and misdirection. Many businesses today have good data security, including secure passwords and data encryption. Hackers need to trick people into revealing information that will allow them to get past the protections. Phishing is a common way of doing this. Here are some clues to help you identify a phishing attack.
Unexpected Links and Attachments
Cybercriminals have many ways to carry out phishing attacks, but most of them are carried out by email. The unwary recipient only needs to click on a link or open an attachment and the door is wide open. Clicking a link can take you to a website that’s full of malware. Attachments can also set a malware installation process in motion. The culprits are clever – they make the link or attachment look entirely innocent or legitimate, or perhaps intriguing. One click and they’re in and your data security is at risk.
Odd Email Addresses
This same trick can also be used with email addresses. Always look carefully at the sender’s address when you receive unsolicited emails, or messages with any content that seems odd. Some of the tricksters are really clever. For example, you might get an email that looks like it’s from Amazon, but if you look closely it actually says ‘Arnazon’. Blink and you’ll miss it, so be alert.
Other Unusual Features
There are other signs of a phishing attack that should make you wary. They’re not necessarily obvious, but if you’re aware then you may pick them up straight away.
- Spelling and grammar errors: Legitimate companies and large corporations are professional outfits. They won’t distribute emails that are full of mistakes. If an email is less than literate, be suspicious.
- Time sensitivity: We make mistakes when we’re under pressure. One trick the scammers use is to make it sound as if you need to act immediately to avoid undesirable consequences. By sowing that small seed of anxiety, they encourage people to act before they give it the attention they would normally. Emails that are designed to make you respond urgently can be the sign of a phishing attack.
- Personal information requests: Most businesses take data security very seriously and use secure ways to communicate with clients. Many won’t even use email for sensitive communications, and social media is also off limits. Any request for login details, of any kind, should probably be ignored.
Phishing attacks can be avoided. Think before you click and you could save yourself from the problems that cybercriminals create. Have you been phished lately? Tell us about it in the comments and check our blog regularly for more tips on keeping sensitive data safe.