A phishing attack is when a cyber criminal attempts to deceive a user into divulging sensitive information.
Phishing attacks can take many forms:
- Common Phishing: Fraudulent emails with a general message (often sent en masse.)
- Spear Phishing: Fraudulent emails that appear to be from someone you know (targeted and personalized.)
- Smishing: Fraudulent text messages.
- Vishing: Telephone calls where the caller is attempting to steal your personal information.
- Whaling: Phishing emails that target high profile victims (celebrities, politicians or executives.)
You can protect yourself, look out for these warning signs:
- Unexpected: The message is unprompted. If you weren’t expecting a message from this company or individual, be wary.
- Odd: The message doesn’t make sense. If it is a message from Amazon and you don’t have an Amazon account the message may be a phishing attempt.
- Easily Spoofed: The email claims to be from your manager but the sender email, upon further inspection, is incorrect.
- Bad Grammar/Spelling: Phishing messages often contain multiple spelling and grammatical errors.
- Links/Attachments: Phishing messages often contain links to phoney sites or attachments that contain malware. Only open attachments/links if you were expecting to receive them.
- Urgency: These messages often demands an action take place immediately or within a short time frame.
- Reply Field Doesn’t Match Sender: Is the reply field different from the sender’s address? This is common in phishing attempts.
- Phoney Links: Hover over links to see where they actually lead, often a sketchy site is disguised as legitimate well known address.