Skip to main content

How to spot a phishing(fake) email

Even if you have security software, phishing is a serious threat, one that can expose you to ransomware. Here's how to avoid these dangerous emails. Security threats come in all shapes and sizes. You've probably heard of viruses, trojans, keyloggers and, more recently, ransomware. Want to know what they all have in common? They can all be the result of phishing.

The word itself is a homophone; hackers use bait -- usually in the form of a seemingly legitimate file or link -- to "phish" for victims. And because this bait is usually spread via email, it's hard for security software to, er, philter out. That's what makes it so pernicious.

A sad example of a business 'phished'

True story: A couple years back, my brother-in-law's business was breached by ransomware. This horrific code encrypted nearly every data file -- Word documents, Excel spreadsheets and so on -- and literally held them for ransom. If he wanted his data back, the price would be $700.

According to a security pro hired to help, the ransomware got in when one of the owners opened an email attachment marked "My resume" -- a seemingly harmless action, especially given that the company was, in fact, actively hiring.

Phishing can also result in identity theft and even lock you out of your phone. But wait, isn't security software supposed to protect you from such threats? It is, but that's what makes phishing so devious: It arrives as seemingly harmless-looking email and cajoles or frightens you into action -- usually clicking a link or opening a file. And often that's all it takes.

While many people are well acquainted with this practice and know what to look for, I suspect there are plenty of folks who still fall victim. Heck, I consider myself an expert at phishing avoidance, yet I've had occasional momentary lapses that almost got me to click a fraudulent link.

How to spot a fake email

Below I've shared an actual email that shows some telltale signs of phishing fakery. Note that because I'm a PayPal user, the email certainly caught my attention -- at least initially.
1. Like many people, I have several email addresses. But this message came to an address that isn't linked to my PayPal account. What's more, the "To" field is blank, an obvious sign it didn't actually come from PayPal.
2. Bad grammar and spelling are telltale signs of phishing. Big companies hire professional copywriters (and editors) for email communication.
3. My name is missing. The salutation merely reads, "Hello, [blank]." I'm pretty sure PayPal would communicate with me by name.
4. Another strong clue this is a fake: I didn't just sign up for PayPal. Now, you might think, "Oh, no, somebody created a PayPal account in my name!" Again, this is a scare tactic (and a weak one at that) designed to get you to click the inviting blue button. Were you to do so, you'd probably be directed to a site that looks fairly PayPal-like, with a form requesting all kinds of personal info -- including a credit card number. Alternately, you could land at a site that stealth-installs a bunch of spyware and/or viruses.
This was some sloppy phishing. But there are much craftier ones out there, like "your account has been compromised!" or "FedEx has a delivery waiting for you" emails that look indistinguishable from the real thing.

Fortunately, it's fairly easy to protect yourself against come-ons like these.

How to avoid getting caught in a phishing net

Always be suspicious. Phishing emails try to freak you out with warnings of stolen information or worse, and then offer an easy fix if you just "click here." (Or the opposite: "You've won a prize! Click here to claim it!") When in doubt, don't click. Instead, open your browser, go to the company's website, then sign in normally to see if there are any signs of strange activity. If you're concerned, change your password.

Check for bad spelling and grammar. Most of the missives that come from outside the US are riddled with spelling mistakes and bad grammar. As I noted earlier, big companies hire professionals to make sure their emails contain perfect prose. If you're looking at one that doesn't, it's almost certainly a fake.

Beef up your browser. An accidental click of a phishing link doesn't have to spell disaster. McAfee SiteAdvisor and Web of Trust are free browser add-ons that will warn you if the site you're about to visit is suspected of malicious activity. They're like traffic cops that stop you before you turn down a dangerous street.
Use your phone. If you're checking email on your phone, it might actually be harder to spot a phishing attempt. You can't "mouse over" a questionable link, and the smaller screen makes you less likely to spot obvious gaffes. Although many phone browsers (and operating systems) are immune from harmful sites and downloads, it's still good to exercise caution when dealing with suspicious links. (Obviously you still shouldn't complete a form that asks for your password or other personal info.) Android users in particular should be aware of the potential risks.

Most of all, rely on common sense. You can't win a contest you didn't enter. Your bank won't contact you using an email address you never registered. Microsoft did not "remotely detect a virus on your PC." Know the warning signs, think before you click, and never, ever give out your password or financial info unless you're properly signed into your account.


Comments

Popular posts from this blog

Is Davido A Member Of The Black Axe Secret Cult? Check Out What His Manager Is Saying

Asa Asika, Davido’s country manager,  has rubbished a controversial report which went viral last week that one Tobi Adegoke, a 25-year-old suspected member of the Black Axe cult was lured into becoming a member of the group with promises that joining the group would grant him the rare opportunity of meeting Davido, Vanguard reports. According to the suspect, a budding musician who is currently in police custody after being arrested and paraded alongside 26-other suspected cultists by the Lagos State Police Command last week Wednesday; he fell for the cheap trick because he believed meeting Davido would boost his music career.  “I am an Aiye member (Black Axe). I have been in the cult for about two years. I was told that Davido was a member and if I joined, I will be able to meet him. It was the guy who initiated me that said so. He said he worked for Davido and that it will be easy access for me. But since I joined, I have not met Davido. They told me I’ll become a very popular musici…

Marriage: A school of learning, discovery

By Pastor Okokon Ating I have been enlightened that marriage is an insti-tution established by God which no student has gra-duated from. Once an in-dividual is able to obtain admission into this sch-ool, one keeps on learning till death. In the school of marriage every student is a novice. No matter how highly educated one is, he/she has a blank knowledge compared with the normal academic attainment.                                                   wedding ring
There are many mysteries embedded in marriage unknown to the unlearned heart. Couples do not know marriage but learn and study it. That is, cou-ples learn and study it when they come into the practical aspect of it. I came in contact with a young lady who was busy attending marriage semin-ars and reading several books on marriage. Atten-ding seminars and reading books on marriage are good, I told her; but where you can know and be pr-oud of living confidently in marriage is when you enter into the reality of marriage. This is w…

Save The Planet, Preserve The Ozone Layer

Everything you need to live well
The activities done by man to make life easier has depleted the ozone layer and endangered Planet earth due to pollution. Planet Earth has indicated through global warming the most visible sign of climate change. According to the United Nations Environment Programme (UNEP), over the last century, sea levels have risen by between 10 and 25 centimeters, and carbon dioxide—the main cause of the greenhouse effect—is responsible for 85% of the increase in the Earth’s temperature over the last 10 years. To stop this negative effect and preserve the ozone layer, here are a few ways to check air pollution; Prevent bush burning In some rural areas bush burning is an easy way to prepare farmlands for cultivation. This is not only harmful to the soil but also the planet as well. Take precautions to avoid starting fires especially during the dry season. Buy organic products. Go for eco-friendly products that have no effec…