How to Spot Phishing
Phishing is an attack in which an attacker tries to trick victims into handing over personal and financial information. This can be done by directing them to a fake website to enter confidential entries or by sending them an email with malicious file attachments. Cybercriminals use phishing to target users of online banking, credit cards or social media accounts, impersonating tech support, finance institutions or government agencies.
To make phishing emails appear more realistic, attackers often use personal information of their victim to impersonate them. This could include the victims name, nicknames, address or other details to make them seem more trustworthy and believable. Some attackers use fear, for example by claiming a warrant is out for the victims arrest or asking them to transfer money urgently. Others try to play on greed, such as telling them they have won a lottery or other lucrative prize.
Other indicators of a phishing attack are misspelled words or poor grammar. Companies usually employ copywriters to review their official emails, so a spelling or grammar error is usually a clear warning sign of an attack. Many phishing messages also use generic salutations, such as Dear Customer, rather than the victim’s name. This again saves attackers time, as they do not need to individually address each victim.
If you receive an unexpected message from a known sender and it seems suspicious, contact them through a separate channel to ensure that they did indeed send the email. This can save you a lot of trouble and limit the damage that attackers could do. It is also a good idea to check in with your online accounts on a regular basis, to make sure no one has accessed your sensitive information.