If you saw our Tek Tip yesterday about how to report online crime and phishing attempts, you are well on your way to better securing your systems fighting cybercrime. However, without being able to identify an online scam, how will you be able to prevent or report one?
With that in mind, let’s break down the anatomy of a phishing scam!
What is phishing?
Phishing is one of many tactics hackers and scammers use to pray on one’s trust or lack of attention to detail in order to gain access to your sensitive data. It’s essentially a process of baiting one to click a link or respond to an email, telephone call or text message to acquire things like your usernames/ passwords, SSN, Bank account numbers, pins, or personal information.
How to an identify an attempt
There are a lot of different aspects of a phishing attempt that should raise suspicion. First and foremost, if something seems too good to be true, it probably is. Second is the sense of urgency. A phishing attempt may require you to act fast, such as a fake email disguised as your boss asking for sensitive information right away. Another aspect to look for is if you receive something from an unusual sender. If something seems out of the ordinary, you shouldn’t click on it. Let’s run through the anatomy and red flags of a nefarious email:
- The Subject Line: The subject line of an email does not match the message content or does not line up with one of your interests or purchases.
- The “To” Line: The email is sent to multiple people, none of whom you know.
- The “From” Line: You do not know the sender or the email is out of character for someone you do know.
- The “Date” Line: You receive an email at an odd hour of the night that would normally be sent during business hours.
- Attachments: You receive an attachment you aren’t expecting. Opening attachments could lead to ransomware or other viruses.
- Hyper-Links: There are misspellings in the link or the email prompts you to take unusual action. If you hover your mouse over the hyperlink and it shows for a different website, this is a large red flag.
What to do if you click a phishing link?
First of all, don’t panic. If you are sure ransomware has made its way onto your computer, your computer has been infected, or you are experiencing issues weeks after clicking on an email, read our blog “Oops…Clicked On A Phishing Email? What Should You Do?” to learn what action to take.
How to report a phishing attempt: We discussed how to report phishing attempts on our latest Tek Tip on our website’s blog at www.thetek.com For the quick link, you can report internet crime to The Federal Bureau of Investigation, Internet Crime Complaint Center (IC3)
Education is Action Too
You know what phishing is, how to recognize an attempt, and where and who to report internet crime to. These are the basic steps that keep you on track to staying secure. Something not often thought of is how the people in your lives and who you associate with online can affect your security. It would be a smart move to educate the people who have constant online communication with you, whether it be casual or formal. Many times, an account that is hacked can then send out emails or messages to all of that person’s contacts. If you receive an email that appears to be from someone you know but ends up being a phishing attack, you may be up the proverbial creek thanks to the scammer’s sneaky ability. By educating the people around you, you can further limit the possibility of getting hacked through association.
Your parents and the older generation are key people to think of when it comes to this. Simply explaining to them the idea of phishing and the importance of not clicking obscure links or responding to emails they did not initiate can go a long way. If you feel your parents are in a place where they need to be monitored online to avoid internet crime, think about setting them up with a credible identity theft protection company.
With cyber-attacks happening at a rate like never before, you don’t want to wait to get educated or share your knowledge with the people around you. Take action, be vigilant, and never be afraid to double-check with your co-worker, friend, or family member if an email from them appears suspicious. 100% of the time, it is better to ask rather than risk the security of your personal or professional data.
Have questions regarding suspicious account activity and how to better secure your systems? Drop us a line at firstname.lastname@example.org