Simple tips to avoid phishing scams
Article by Andrew Elms
Phishing attacks are an unfortunate part of living in a digital age. You’re probably already aware of what these scam emails can look like, but they’re like moving targets because scammers are continually evolving and developing new ways to trick you.
What exactly is phishing?
Phishing refers to a type of internet scam where fake emails are used to connect with strangers. Posing as legitimate senders, ‘phishermen’ bait people by sending them seemingly important or worthwhile correspondence.
Phishing emails may come complete with recognisable company logos or formatted text in order to convince you that they’re authentic. They may ask you to:
- log in to a personal account
- click on a link
- read an attached document.
Once you’ve innocently input private login details, opened an attachment or followed a link, you’ve exposed yourself to a possible malicious phishing attack, which can include:
- malware infections
- data loss
- identity theft.
How much does my email filtering system protect me?
Email is still the most popular delivery method for malware (malicious software that takes over a person’s computer in order to spread the bug onto other people’s devices and profiles). It’s somewhat comforting to know that email filtering software has advanced over the years and can often detect and block malware-related emails, making it a little more difficult for scammers to wreak havoc.
Phishing emails, on the other hand, can look alarmingly legitimate, enabling them to bypass email filters and fool unsuspecting victims. Even the best email filtering software will not detect and block 100 percent of phishing scams, and phishing has remained a popular choice for scammers. According to a report from Webroot in late 2018, 93% of data breaches were initiated by phishing, and 22% of employees have clicked at least one phishing link in the past year.
How can I protect myself?
It’s imperative that you protect yourself by staying vigilant. As soon your vigilance falters, so too does your level of security. Every email you encounter should be handled with care, especially when you’re asked to divulge personal information or open your system to incoming files.
Here are some basic ways to stay alert and prevent phishing attacks:
- Be on the lookout every single day for scams.
- Slow down and take your time when opening and reading emails.
- Don’t automatically open every email message. Ignore spam and delete it or mark it as junk.
- Read the wording of the email carefully. Phishing emails are often poorly written with noticeable spelling, grammar or linguistic errors.
- Be very careful before clicking links in suspicious emails. Hover your mouse cursor over a link—without clicking—and you’ll get a preview of the web address the link will take you to. If the website domain does not perfectly match the provider’s normal website—for example, your bank’s website address—do not click the link. Often phishing scams use domains that are deceptively similar to the official website of who they’re pretending to be.
- Research and contact the alleged sender independently to verify if the email is really from them. Making a quick call or opening a chat message to check whether the email actually came from your contact can prevent an attack.
When in doubt, ask our team! If you’re at work, giving IT early warning of phishing attacks, successful or not, can be the difference between a near miss and a major breach.