Have you ever encountered a strange email coming from your bank, a company, social media, or a government agency—but something about it was just odd. Perhaps the wording was odd or the format of the entire email seemed foreign. The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft is called “phishing”. (See also: vishing, the phone-call version of phishing.)
If It helps you understand it any better, take the word “phishing” literally. Cyber criminals are ‘fishing’ for your private information posing as an established organization.
How can you detect a phishing email? Below are a few things to look out for that are dead giveaways.
If It helps you understand it any better, take the word “phishing” literally. Cyber criminals are ‘fishing’ for your private information posing as an established organization.
How can you detect a phishing email? Below are a few things to look out for that are dead giveaways.
Check The Header
Many individuals will fall for phishing because they won't take the time to investigate the email headers. If an email seems phishy, check the sender. More often than not you'll encounter emails that seem legitimate but are not. For example an email from "AppleiCloudSupport@outlook.com" would not be legitimate.
Check The Links
Links in the body of the email will seem legitimate at first. The email might ask for some information and gives you a link to go to and provide said information. On the email the link looks like “iforgot.apple.com” but when you look at the real link it is taking you to, you might find it is taking you to “123.123.123.123/apple/resetpassword/". This clearly does not belong to Apple.
Read The Email
Phishing emails will usually begin with a generic greeting like "Dear Valued Apple Customer." As you keep on reading, you might find that there are grammar and spelling errors in the body. The sender will ask you for private information and give you a link. Moreover, the sender might add urgency to the email by mentioning how if you don’t provide the info they require quickly, they’ll cancel your account or temporarily stop the service. This being yet another tactic to get you to disregard the blatant phishy email and send info.
Compare
If you suspect an email to be of the phishing kind, compare the email to another one from the same company. Quickly you'll realize the many inconsistencies.
If you have nothing to compare it to and are unsure, call the company contacting you (but not from a phone number they provided in the phish email!). Remember, it’s better to be safe than sorry.
