Friday 18 April, 2014
Phishing is the most common type of hacking attack that hits regular internet users and businesses alike. It’s a clever technique that, rather than relying on high-tech tomfoolery, takes advantage of your misplaced trust.
A phishing message is an email that looks like an important communication from a business you deal with, such as your bank or PayPal. It usually urges you to click on a confirmation link or fork over some sensitive information, threatening to close your account or cause other trouble if you don’t. Once you click the link, you inadvertently download malware to your computer, and then the real trouble begins.
It’s a given that you should have a good security program in place. But the first line of defense against phishing scams is you and your brain. Here is how you can tell whether a message is a phishing attempt.
Emails from an institution or business you use usually have standard subject lines. Phishing messages will say something else. The subject line usually stresses the urgency of taking action. Sometimes the language is awkward, too informal, or not native English. This is your tip-off.
Phishing works so well because hackers have managed to make their messages look official. They copy the graphics, logos and other design features to make them look authentic. But sometimes, you can see that something is a bit askew. A color may be off or the message may look slapped together.
Official emails from your bank or other businesses always use your real name. They never say something like ‘Dear Account Holder.’ If a message that’s supposedly official doesn’t call you by name, you’ve most certainly got a fraudulent message.
Probably the best dead giveaway is the return email address. Any official address will use the company website’s domain name. For example, if you get a message from PayPal, the return address will say ‘@paypal.com.’ Why would it say anything else? It definitely won’t be a Hotmail or Gmail address.
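The subject-line, greeting and return-address checks described above can be written as a small script. This is an added example, not part of the original article; the word lists, the function names and the sample message are assumptions made for illustration, and the domain check goes slightly beyond the text by rejecting an address that merely starts with the official domain.

```python
import email
from email.utils import parseaddr

# Illustrative lists (assumptions; the article names only Hotmail, Gmail
# and the 'Dear Account Holder' greeting).
FREE_MAIL = {"hotmail.com", "gmail.com"}
GENERIC_GREETINGS = ("dear account holder", "dear customer", "dear user")
URGENT_WORDS = ("urgent", "immediately", "suspended", "verify now")

# Constructed sample message (not a real email).
SAMPLE = (
    'From: "PayPal Support" <service@paypal.com.account-check.example>\n'
    "Subject: URGENT: your account will be suspended\n"
    "\n"
    "Dear Account Holder,\nConfirm your details now.\n"
)


def sender_domain(msg):
    """Domain of the From address; the display name is ignored."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def domain_matches(domain, official):
    """True only for the official domain itself or a real subdomain of it."""
    return domain == official or domain.endswith("." + official)


def phishing_signs(raw, official_domain):
    """Return the warning signs from the article that a raw message shows."""
    msg = email.message_from_string(raw)
    signs = []
    domain = sender_domain(msg)
    if domain in FREE_MAIL:
        signs.append("free-mail sender")
    elif not domain_matches(domain, official_domain):
        signs.append("sender domain mismatch")
    if any(w in msg.get("Subject", "").lower() for w in URGENT_WORDS):
        signs.append("urgent subject")
    # Join all non-container parts so multipart messages are covered too.
    body = "".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    if any(g in body.lower() for g in GENERIC_GREETINGS):
        signs.append("generic greeting")
    return signs


if __name__ == "__main__":
    print(phishing_signs(SAMPLE, "paypal.com"))
```

An empty result only means none of these signs were found. The From header itself can be forged, so a message that passes still should not be trusted on that basis alone.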
One Ultimate Tip to Avoid Phishing Scams
Here is one tip that, if you follow it, means you’ll never get phished, no matter how hard it is to tell whether a message is legit. Whenever you get an official message from anybody whatsoever, don’t click on the link in the email. Instead, leave your email and go to the official site. Log in there, and look for the alert in your account. If your bank account is withdrawn or there is some other problem, you’ll see it there.
This method is a slight pain, but it’s foolproof. Phishing scams are extremely common and even the most observant people fall for them. But this simple trick will keep you out of trouble.