A phishing attack is when a cyber criminal attempts to deceive a user into divulging sensitive information.

Phishing attacks can take many forms:

  • Common Phishing: Fraudulent emails with a general message (often sent en masse.)
  • Spear Phishing: Fraudulent emails that appear to be from someone you know (targeted and personalized.)
  • Smishing: Fraudulent text messages.
  • Vishing: Telephone calls where the caller is attempting to steal your personal information.
  • Whaling: Phishing emails that target high profile victims (celebrities, politicians or executives.)

You can protect yourself, look out for these warning signs:

  • Unexpected: The message is unprompted. If you weren’t expecting a message from this company or individual, be wary.
  • Odd: The message doesn’t make sense. If it is a message from Amazon and you don’t have an Amazon account the message may be a phishing attempt.
  • Easily Spoofed: The email claims to be from your manager but the sender email, upon further inspection, is incorrect.
  • Bad Grammar/Spelling: Phishing messages often contain multiple spelling and grammatical errors.
  • Links/Attachments: Phishing messages often contain links to phoney sites or attachments that contain malware. Only open attachments/links if you were expecting to receive them.
  • Urgency: These messages often demands an action take place immediately or within a short time frame.
  • Reply Field Doesn’t Match Sender: Is the reply field different from the sender’s address? This is common in phishing attempts.
  • Phoney Links: Hover over links to see where they actually lead, often a sketchy site is disguised as legitimate well known address.

Click here to see the Anatomy of a Phishing Email