Phishing is a common form of social engineering that lets cyber criminals create and send fake emails to trick individuals into sharing personal account information or opening malicious attachments that could infect your computer or smart phone. These fake emails typically appear as if they came from an authentic source, such as a business or from a colleague. Many people fall victim to these attacks, so it’s important to recognize ways of indicating whether the email is real or if it’s an attempt to attain personal information:
1. The Message Asks for Personal Information
These emails often incite fear and anxiety in order to get personal information. An example would be an authentic-looking email from your bank confirming your social security number or login credentials with them or they will close your account. These institutions generally do not use email as a way of communicating this information. Another example would be from a supposed relative asking for money and needing your bank information todo so.
2. The Message Does Not Look Genuine
Professional emails tend to have well-constructed messages, complete with correct headers, footers, logos &banners, email addresses, and without any spelling and grammatical errors. Be cautious, but check for these things throughout the email. Does the header look differently from previous emails? Are there a lot of misspellings or grammatical errors, such as “their” instead of “there”?
Check the email address of the sender. Hackers will attempt to mask their true email addresses or use a similar looking address. For example, FSB emails end in @fsb1879.com; if you see any variation of this, such as @fsb.com, this is incorrect. Try hovering your mouse over the sender’s email address (but do not click on it), and it will show the true email address. If these two do not match, it is likely not a legitimate email.
Do some research if you’re suspicious; search the web and verify that the sender comes from a legitimate company.
3. There are Suspicious Attachments
If there’s an attachment or link from a suspicious email, you should not click on it at all. By clicking on the attachment or link, you allow a malicious URL to install a virus into your device. Use antivirus software to scan these items first before opening them.
Most importantly: do not reply to emails or click on any links if it seems suspicious. If you have any feeling that an email may be genuine, contact the institution or individual directly and verify that this email was real or fake.
Sometimes we all make mistakes – if you think you may have given out personal account information on accident, contact the bank immediately and pay close attention to all of your accounts.