The most common way malware spreads is through phishing emails. These messages are essentially traps designed to trick you into downloading a malicious virus. How do you know if you’ve got a phishing email on hand? The best way to avoid a phishing scam is to know what the bait looks like.
Just like fishermen uses bait on a hook to lure fish to their death, so too will hackers bait PC users with a phishing email appealing to something they care about. A phishing email will often include a misleading headline, followed a message that looks like it’s from a legitimate company, but it’s really a scam.
Some common topics hackers use in phishing emails include; a message from your bank or credit card company, information about an expected package in the mail, a plea for financial aid from someone in a third world country, an attractive stranger that wants to date you, or information about a lucrative investment opportunity. Phishing emails like these will try to trick you into divulging your sensitive information, or get you to download an attachment that contains malware. The best thing you can do to protect yourself from phishing scams is to know what to look for. Here are four giveaways that your email is likely a phishing scam.
The Email is Unsolicited
Be suspicious of any unsolicited email asking you for your sensitive information. A company that you’re doing business with already has your information on file and shouldn’t need to contact you to get it a second time. If an organization did need your information, they would do it over the phone, but even unsolicited phone calls should be met with suspicion because scammers will also use phishing tactics to scam people over the phone. When in doubt, you can call the company in question with a phone number from your records (not the phone number from the email).
The Email Contains Fake URLs
One of the goals of a phishing email is to direct you to a malicious website. Obviously, you wouldn’t visit the malicious website if the URL looked suspicious; therefore, the hacker will try and trick you by naming their website something that sounds similar to the website you trust. A trusted website will have a straightforward URL like https://www.sugarshot.io . A phishing scam will send you to an altered URL that looks somewhat similar, like Sugar Shot.scam.com. Before you visit a website from an email, be sure to analyze the URL before clicking on it. One precautionary measure you can take is to type the URL into a search engine, if the URL is bad, then the search results will clue you in.
The URLs Don’t Line Up
One phishing tactic is to hyperlink a malicious URL with text from the message of the official URL. For example, the email may say http://www.sugarshot.io, but it may be hyperlinked to a completely different website that will infect your computer with a virus. You can check on the linked URL’s true identity by hovering your cursor over the link. Depending on which web browser you use, the actual link will be displayed at the bottom of the screen. You should stay clear of any links that don’t match up.
The Email Wouldn’t Pass an English Exam
Hackers are good at hacking, but not at writing. Poor spelling and grammar is a dead giveaway of a phishing email. A professional company will take extra lengths to make sure that their emails do not contain spelling errors. To safeguard their professional image, many organizations will only hire workers with college degrees that include English classes, and many companies will even have writers on staff to proofread emails. Hackers tend to focus on code and English may not even be their primary language.
If you see any emails with these traits in your inbox, then flag it as spam and move on. To learn about more ways that hackers can bait you with a phishing scam, give SugarShot a call at 310.641.3274 .
Knowing what to look for in a phishing scam can save your business from a devastating hack. For example, the CryptoLocker virus is one of the nastiest viruses on the web. It will encrypt your files, lock you out of your PC, demand that you pay a ransom in order to access to your files. If you don’t pay, then your files are deleted. The primary way this ransomware spreads is through phishing emails.
We can help safeguard you from nasty viruses like CryptoLocker and other phishing scams with a Unified Threat Management (UTM) network security tool. UTM can provide your business with a strong network security to help filter out phishing emails and block malicious websites. Although, it’s important to keep in mind that even the best security solution will fail if users can’t spot a scam. Contact one of our professional IT professionals today to learn more about how to protect your business from the sneakiest scams on the Internet.