Phishing scams represent a threat that is all around us. They do not appear to be disappearing any time soon, so you need to know what you can do to keep yourself from becoming a victim. This article will explain what phishing scams are and how to detect them.
An Overview of Phishing
Before you can know how to detect phishing scams, you first have to know what a phishing scam is. A loose definition would be an instance where a potential victim is contacted, usually by email or telephone, by a party posing as a legitimate institution in order to trick the target into handing over sensitive information. The desired data differs from case to case, but it usually includes things such as personal information, passwords, or financial information such as bank account and credit card details. The consequences of revealing such information to phishers could be identity theft, the loss of money, and more.
It seems as if phishing is more known to occur in the online world via email. It does, however, happen through telephone calls as well. Sometimes a person could call claiming they are from a bank to ask for your PIN numbers or other account data. A recent phishing scam pushed via telephone involves people posing as tech support for Microsoft’s Windows platform, where they tell the person that their computer is at risk. The callers then ask the target to either download malicious software or allow them to gain remote access to infect their PC.
In case you are wondering, phishing is illegal. It is so widespread, however, that attempts at cracking down on the cybercrime have only managed to put a dent into the industry. As an example, the first anti-phishing lawsuit took place in 2004, where the defendant was a teenager from California accused of creating a phony version of the America Online website. The teen used the site to obtain credit card details and other valuable information from visitors for a financial gain.
How to Spot a Phishing Scam
There are a few telltale signs that will indicate you are the subject of a potential phishing scam. Let’s discuss these signs in the realm of email.
Just as if you were fishing in a lake, the whole object of a phishing scam is to lure you in with attractive bait. That bait can range across a wide range of topics, and cybercriminals are becoming more creative as time passes. They will try a host of methods to get your attention, and popular items seem to be a lure of choice.
For instance, you may receive an email claiming that you have just won a free iPhone. That is an example of leveraging a popular product. To leverage human greed, some phishing emails may claim that you have won a lottery or drawing. These phony promises are sometimes good enough to lure in unsuspecting victims. No matter how keen you may be, there are plenty of others who actually believe they are on the verge of receiving something for free, and that is what drives these scammers to continue their efforts.
In an attempt to appear authentic, many phishing emails will come from people with conventional first and last names. These names are often randomly generated by software so that cybercriminals can send out emails in massive quantities. If an email came from a real institution you were associated with, it would probably contain your name somewhere. Phishing emails often use standard greetings with no personal touch included.
Regarding the look of phishing emails, some scammers may copy company logos to try to trick you. Often times, however, these images appear grainy and poorly done. You also may find many grammatical or spelling errors in phishing emails, as some originate overseas.
Another characteristic that sometimes accompanies phishing emails is a sense of urgency. The whole train of thought is that the more time you have to think about an offer or research it on the internet, the less likely you will fall for it. This is why many phishing emails urge you to act quickly before their phony offers expire. If you do not respond or click a link to a free gift offer within a certain amount of time, for instance, the email may claim that the offer will expire and you will be out of luck. Sometimes phishing emails will try to use scare tactics to lure you in, saying that your account (banking, credit card, etc.) will be suspended if you do not verify your personal information. An actual institution would not apply such stringent time limits for you to act, and they also would not require you to enter all of your personal data online since they know many people are wary of doing so.
While most emails from institutions contain links to their websites, links in phishing emails take you on a malicious path. A phishing email link may appear to be legitimate if you look at its structure, but you should always move your cursor over it to find out where it will really take you. As an example, say an email has the link http://www.legitsite.com. That looks fine on the surface, but if you move your cursor over it, it could actually show that it leads to http://www.fakesite.com. That fake site URL is where phishers want you to go to enter in your personal information so they can steal it and use it to their advantage. The fake site may have a form where you have to enter in data such as your banking password, social security number, PIN number, etc. Once the scammers have this info in their hands, they can wreak all sorts of havoc on your life.
By now you should know a little bit more about phishing scams. Yes, they may be scary, but they should not stop you from enjoying your online experience. They also should not deter you from ever wanting to pick up the phone out of the fear that someone may be trying to scam you. As long as you know how to detect phishing scams, you should be able to stop them in their tracks. Stay tuned for the upcoming article that will teach you some methods you can practice to avoid phishing scams.