Here are ten life-saving tips to distinguish a real e-mail from a phishing e-mail.
Phishing - yes, it's still a thing - is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons. And what do you know, it's on the rise again.
“Spam is becoming an increasingly successful attack vector, with click rates rising from 13.4% in the second half of 2017 to 14.2% in 2018”
So even though it's 2018, people still click through, and Adam Sheehan - Behavioral Science Lead at MWR InfoSecurity - knows what he's talking about.
Because phishing mostly happens by fooling the reader of an e-mail, we think it's high time for some tips.
Take care when you receive an e-mail for no reason. You did not buy anything from amazon.com, but you still receive an e-mail from accounting@amazon.phishing.ru?
A classic phishing technique is to tell you that you urgently need to do something: confirm your account today, make an urgent payment before the end of the week. Don't be fooled.
Check the sender's address carefully. A mail from John.doe@google.accountverification.com is probably not from Google: the part that counts is the end of the address, accountverification.com, and "google" is only a label placed in front of it.
An official agency will never ask you for your password, your bank details or personal details via e-mail, SMS or telephone. Do not give out this kind of information. Your bank, like any other official agency, takes care of security and will never contact you for confidential information.
If you find a link in an e-mail, hover over it and see where it will take you. Check the first part of the address: the host name that comes right after "http://" and before the next "/". "http://www.bankservices.co.mz/bnpparibasfortis.com/login" leads to www.bankservices.co.mz, so it is not the login page for your bank. Do not click on "Unsubscribe" before checking where the link will take you; it's a classic trick to fool you.
Take care if the mail is addressed to something like "Dear Mister" or "To the CEO of this company". Phishers send thousands of e-mails hoping that someone will click on a link in the e-mail. If they don't know your name, it is probably something malicious or fraudulent.
Phishing mails often contain spelling errors. Be suspicious when you notice spelling errors in an e-mail.
There is a reason why it is in that folder. Double check the content.
Phishers will try to trick you into clicking on a link by making you curious. "Look what I found about you", or "Are you in this picture?" or "Was that your car driving on the highway?". Don't be fooled; it is the oldest trick in the book. Sometimes the subject starts with "Re: ", but this is probably not a reply to a mail that you sent.
Phishing e-mails will try to make you pay money. They claim that they did not receive a first payment. Or you need to pay to receive a package from UPS. Do not believe an e-mail from accounting@paypal.payments.gh telling you that you still need to pay an invoice: it's a scam.
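The sender-address and link checks from the tips above can also be written out as code. This is an added example, not part of the original article; the function names and the "expected" domains paired with each sample (google.com, paypal.com, and bnpparibasfortis.com taken from the path of the quoted link) are assumptions made for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit


def link_host(url):
    """Host a link really leads to: the name between '//' and the next '/'."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def sender_domain(address):
    """Domain of a sender address: everything after the last '@'."""
    addr = parseaddr(address)[1]
    return addr.rpartition("@")[2].rstrip(".").lower() if "@" in addr else ""


def belongs_to(host, expected):
    """True only if host is the expected domain or a subdomain of it."""
    # Whole labels are compared from the right, so merely containing the text fails.
    host, expected = host.lower().rstrip("."), expected.lower().rstrip(".")
    return bool(host) and (host == expected or host.endswith("." + expected))


def review(value, expected):
    """Check one sender address or link; returns (ok, host, reason)."""
    is_link = "://" in value
    host = link_host(value) if is_link else sender_domain(value)
    if belongs_to(host, expected):
        return True, host, "matches " + expected
    brand = expected.split(".")[0]
    if is_link and expected in urlsplit(value).path.lower():
        reason = expected + " appears only in the path, after the real host"
    elif brand in host.split("."):
        reason = "'" + brand + "' is only a label in front of another domain"
    else:
        reason = "host is unrelated to " + expected
    return False, host, reason


# Addresses and link quoted in the tips above; expected domains are assumptions.
SAMPLES = [
    ("accounting@amazon.phishing.ru", "amazon.com"),
    ("John.doe@google.accountverification.com", "google.com"),
    ("http://www.bankservices.co.mz/bnpparibasfortis.com/login", "bnpparibasfortis.com"),
    ("accounting@paypal.payments.gh", "paypal.com"),
]

if __name__ == "__main__":
    for value, expected in SAMPLES:
        print(*review(value, expected))
```

All four samples from the article fail the check, each with a reason that names where the familiar brand text actually sits.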