Phishing scams are not a new phenomenon. But with them getting increasingly more sophisticated, it can be difficult to avoid them. But before we get into the precautions you should take to avoid phishing scams, let’s just explain what the term “phishing” means.
The term is said to have been coined by a well-known hacker sometime in the mid 90’s and is basically an attempt to obtain sensitive information from you. The target could be your passwords. Or your bank details. Or even just your site usernames.
All of this can then be used to extract goods and services from you. The 3rd Microsoft Computer Safer Index Report that was released in 21014 put yearly impact of phishing at 5 billion dollars.
Most phishing attempts follow a similar pattern. You get an email from your bank, credit card company, paypal, tax rebate etc. In the email it states an irregularity and asks you to use a link to log in. Of course the link takes you to a spoof website. Once you enter your details, they now have everything they need to take ownership of your account.
Luckily, most people don’t fall for these types of email anymore. But if you are unsure if an email has come from an official source or not, here are a few ways to tell it’s fake and how to avoid falling victim:
Standard Phishing Scams
- The email addresses you as your email address. Banks etc never do this. They will call you by the name of the account holder, not the email address associated with it.
- Although the sender looks like your bank, a quick glance at the sender’s email address will show it did not come from an official source.
- Banks etc will never ask for your password or other information in an email.
- Never click links in the email. If you are worried about your account and want peace of mind, go to the website yourself or give them a call.
- Generally, scammers don’t have the best language skills. Poorly written emails are a dead give away.
Advanced Phishing Scams
Because so many of us are not falling for the traditional phishing scams anymore, the scammers have had to think of new ways to part us from our cash. Rather than your bank or a financial institution, they pretend to be your social networks or on occasion, one of your friends. So how do you avoid these scams?
- Don’t click on links. I know I said it before but it bares repeating. Even if it’s from a friend. Their account could be compromised. Hovering your mouse pointer over a link should show you where it links to in the bottom corner of the screen. If you’re curious. just be warned though. Even this might not be enough.
- Watch out for the latest scams. These include people sharing google documents. This latest scam has you click a google documents share link. It takes you to a page that looks like the google documents log in page. And this is where they capture your details, as you log in.
- Enable multi factor authentication on your accounts. We’re not perfect. And you might fall victim one day by making the wrong decision. However, if you have multi factor authentication enable, one piece of your online presence will not be enough to give attackers access.
- Don’t rely on technology to save you. You could have the best protection in the world. But the weakest security point in any system is the user. You. Remember this and act accordingly. Think twice before you click links and question why your friend would be sending you a random email about something.
- Not all phishing scams come in email form. You could get a pop up that looks official. Don’t ever enter details into pop up windows unless you are sure you are on the right site. Check the address bar. And if it does not say https before the address, don’t enter anything anyway. Because you are not on a secure connection.
Remember, to stay safe and avoid phishing scams, you need to be vigilant. Question the validity of emails, keep an eye on web addresses and enable multi factor authorisation and you should be ok.