How to detect a Phish
Fraudsters are constantly looking for new methods of stealing personal information, making traditional ways to spot illegitimate sites or potential malware attacks ultimately useless.
So what is Phishing? Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
How to Spot a Phish
#1 – Watch out for emotions
Fraudsters will try and play on these to get you to react quickly and jump right in with their scam before you know it.
Greed: Phishing emails often dangle a financial reward of some kind if you click a link or enter your login information. If an
email offers you something that seems too good to be true, it probably is.
Urgency: If an email provides a strict deadline for performing an action — be suspicious. Phishing emails will try to fluster recipients by creating a sense of urgency.
Curiosity: People are naturally curious, and phishers take advantage of this by sending emails that promise to show us something exciting or forbidden.
Fear: Scaring recipients is a common tactic in phishing emails. Emails that threaten you with negative consequences or punishment should be treated with suspicion.
#2 – Examine these items closely
Email Signatures: A signature block that is overly generic or doesn’t follow company protocols could indicate that something is wrong.
Sender Address: If the address doesn’t match the sender name, be suspicious of the entire email.
Email Tone: We know how our co-workers and friends talk, so if an email sounds strange, it’s probably worth a second look.
#3 – Beware of these elements in the email
Attachments: When an attachment comes from someone you don’t know or if you weren’t expecting the file, make sure it’s legitimate before opening it.
Log-in Pages: Spear phishers will often forge login pages to look exactly like the real thing in order to steal your credentials.
Links: Roll your mouse pointer over the link and see if what pops up matches what’s in the email. If they don’t match, don’t click.
Final Thoughts:
Always look for the green lock icon at the top of the web address bar to ensure you are using a secure website before entering any personal information into online forms.
Always contact your ISP directly if you receive any notifications regarding your service or if you are in need of technical support.
Never open email attachments from senders that you do not know, especially if they have unusual or multiple extensions.
If you see something, say something!
Report suspected phishing emails to the information security team, compliance or your team supervisor.