How to Identify a Phishing Email and What to Do about It

How to Identify a Phishing Email and What to Do about it

Security threats are everywhere. They come in all different sizes and shapes. The most common are viruses and trojans which can be accessed via email to anyone that doesn’t know what to look for to protect against a potential attack. In this article, you’ll learn three of the most common phishing techniques and how to not fall into their trap.

Deceptive Phishing

Deceptive Phishing is the most common technique hackers use to collect your information. Fraudsters copy legitimate companies like Paypal and American Express to fool users into entering their information for their monetary gain.

Phising Techniques - Xlingshot

Steps to avoid Deceptive Phishing

  1. Review the source of the email. If the email address doesn’t match the company URL (anyemail@paypal.com), you should be cautious when opening the email.
  2. Keep an eye out for bad grammar. Poor grammar is a sign of a phishing email due to the fact that big companies like Paypal hire professional writers to compose email marketing and have a quality check process in place.
  3. Review the opening line. Is your name missing from the email? Fraudsters are known to send mass emails leaving out your name. Instead, you’ll see “Hi” or Hello” with no name following the greeting.
  4. Timing is key when identifying a phishing email. When one appears in your inbox, ask yourself,” Did I sign up for Paypal?”. If the answer is no, be on the defensive and do not open the email. The Phisher’s objective is to lure you in by clicking on a button within the email. You’re prompted to fill out personal information including name, address, credit card number, and other personal information.

Spear Phishing

Spear Phishing is quite different in that it’s more personal compared to Deceptive Phishing. Social media is the medium of choice for Spear Phishing scammers. Fraudsters customize their phishing emails with the target person’s name, position, company, phone number, and other information in an effort to make to connection and transition the communication off the social media platform.

The objective is the same as Deceptive Phishing. Lure the victim into clicking on a given link or form to gain access to their information.

How to avoid Spear Phishing

Training your staff to identify a Spear Phishing message is key to protecting your companies valuable information. Security awareness training helps employees learn these different techniques hackers use to steal company data. Companies should also invest in data security measures help protect them against malicious emails and attachments.

Pharming

Pharming is another scam that is more complex than the other two covered in this article. It ’s where a fraudster installs a piece of malicious code on a personal computer or server. The malicious code redirects any clicks you make on the website to another fraudulent website with your knowledge or permission.

How to Avoid Pharming

Protecting yourself against Pharming is not as complex as Pharming itself. Be sure to log in to websites only using HTTPS. A properly installed SSL certificate helps to secure your data as you log in to a given website. Companies should also implement anti-virus software on corporate devices that employees use on a regular basis.

Hackers and fraudsters are using more complex measures to steal information about your company on a daily basis. Phishing attempts are going to happen and it’s important to stay up-to-date on the latest security measures and education to prevent a data breach.