Phishing attacks have been around for decades, first being recorded in 1995 where scammers would pose as AOL employees and request a user’s billing information through instant messages. Nowadays, email phishing attempts have tricked users into handing over personal information of all kinds. There are many methods of identifying a phishing attempt, but today we’ll focus on one.
First and foremost, a phishing email needs to be convincing enough to trick its victim(s). Unfortunately, many phishing attempts have grown more elaborate and attentive-to-detail, so you need to pay closer attention to spot the discrepancies between a phishing email and a legitimate one. This is where checking any URLs in the message come in.
Most phishing attempts depend on the user to click through to a website that then steals their credentials. The fact that they can hide the URL behind the contents of their message only makes it easier for a cybercriminal to hook an unsuspecting victim. The target reads the message and naively clicks through to the website — at least, in theory.
The first thing you need to do is to consider all of the warning signs of a phishing email. However, if there’s an included link in any incoming message, you need to be especially wary as you evaluate that. Fortunately, this is a fairly simple, straightforward process. Rather than clicking through the link, simply hover your cursor over it. The associated URL will appear. If the URL isn’t going to the domain you expect it to, you need to avoid it. For example, if an email that looks like it is from PayPal wants you to go to payypal.com and confirm your username and password, chances are it’s a scam and you’ll be giving your credentials to hackers.
Ask yourself, does this email make sense? Who is the supposed sender? Does it match the URL associated with the sender’s email?
If it doesn’t, you are likely the intended target of a phishing email. Whatever you do, DO NOT CLICK THE LINK, as this will likely infect your system.
Quikteks can help you keep your systems clear of similar threats through our preventative monitoring services and educational resources. Call us at (973) 882-4644 to learn more.