If you’ve been using an email account for a while now, chances are you will have come across a phishing attempt. 2020, was particularly rife with the scams, which rose by an incredible 220% compared to the yearly average, as malicious actors tried to take advantage of the global pandemic fears.
So how do these scams work? Well, phishing is a form of cyberattack that uses emails to try and attack your personal details. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from HMRC about taxes — and to subsequently click a link, or download an attachment.
Once you’ve clicked on the link, malware starts collecting any information you type, which is why often you’ll be prompted to login to your account or enter your bank details to “gain access to the service” mentioned in the email. Your details are then captured by the attacker who uses them to access other accounts and spend your money.
The reason these scams are so effective is due to the fact that the emails look extremely real and convincing. When you click on a link in a phishing email, you are also sometimes redirected to a fake website that is almost an exact replica of the one it is trying to spoof.
Spotting these pesky scams
There are, however, some tell tale signs of a phishing email, which can help you to spot, block and report the scams when needed.
- There’s a sense of urgency – An email sent to you that requires you to act fast, or tells you that your account will be suspended if you don’t take immediate action to update your details, should be your first red flag. Your bank or tax agency will NEVER ask you to update your details over the internet via an email. If you are still unsure, the best thing to do is go directly to the legitimate website via an internet search to investigate further.
- Emails containing links – Since the hyperlink is how the criminal is going to get your details, most phishing emails will have one. Often these links will be shortened with ‘bitly’ or ‘bit’ so you can’t see where the full link might take you. However, if you hover over the link sometimes you can see the full URL where you will be directed should you click. Looking more closely this way could show you that the URL is completely different to what it was claiming, or it could be a popular website with a misspelling, for instance http://www.bankofarnerica.com
- Emails from unknown senders with attachments – All email attachments should be viewed with caution from unknown senders. This is because attachments are the easiest way to put malware and other viruses on your device. The only file type that is always safe to click on is a .txt file. In general it is best to err on the side of caution and avoid clicking on anything that could be suspicious.
If you’re concerned about phishing, there are also some additional measures you can take to increase your protection from these scams. This includes; using a spam filter, using anti-virus and anti-spyware software to flag any suspicious messages or websites, and reporting anything suspicious to your bank’s phishing department, who can investigate these scams on your behalf and take action where needed.
If you have any questions or other technology queries comment below or tweet @techtroublesho1.