Email phishing attacks have become very common in the internet world and more cybercriminals are making use of this method to steal unsuspecting users’ data.
While it isn’t entirely new, phishing is used by cybercriminals to obtain access to information from unsuspecting users in the guide of another user – usually a big corporation or a service they use.
To put it simply, someone may receive a fake email from their bank or even the government asking them for important information.
Because of the fact that you trust your bank or the government so much, you may be inclined to give out your vital information.
These cybercriminals often steal people’s credit card numbers, passwords, and other important information in minutes by tricking unsuspecting victims to click on a link that is built to look trustworthy.
It has been reported that 99% of all phishing attacks succeeded since there are so many victims out there every day.
Anyone from anywhere across the globe can fall victim to phishing attacks in as much as you make use of the internet.
The majority of victims are often senior citizens but the reality is that cybercrime continues to evolve just the same way tech evolves which is why it’s important to be careful when attending to these emails.
While I’m not victim-blaming, it’s quite possible to detect or identify a phishing email quickly by doing the following:
Pay Attention to the Sender’s Address
The truth is that there can only be one domain name with an exact set of words. I mean there can only be one Brumpost.com.
And the same goes for other trustworthy companies and businesses that have a registered domain name on their business names as well such as Microsoft, Facebook, etc.
When opening an email message, always pay close attention to the sender’s URL before clicking on anything (don’t even click on anything if you’re not sure).
When you receive messages from an email that doesn’t entirely correspond with the business email address, you should be suspicious. An example of such could be email@example.com. Here, there is “0” or zero instead of the alphabet letter “O”.
Look for Misspellings and Inaccuracies
Still, on paying attention to the sender’s email address, most reputable companies use their official email addresses when sending an email to users.
For example, it could be firstname.lastname@example.org or email@example.com. Your responsibility is to ensure that you look through the domain name (twitter.com or microsoft.com) and ensure there are no spelling mistakes on either the address or even the email username (help@ or support@)
Be Suspicious of Urgent Requests
Due to the fact that phishers need to bail with your private information as soon as they possibly can, they often trick victims with urgency in order for you to take quick action.
For example, they may tell you that you need to reset your password as soon as possible because of some unimaginable reasons.
All you have to do is to check the sender’s email address and if you find anything suspicious, just report the email address by adding it to your spam folder.
Do not click on any link provided.
Never Click on Links Within Emails
In the situation of banks, they often send an attachment with an email whenever they are sending you your monthly bank statement reports.
When you’re only presented with a link to view the information and the sender’s email address doesn’t tally with the company they claim to represent, just ignore the message or report them as spammers.
Watch out for suspicious hyperlinked URL
If you got the email message via your computer and you’re required to “click here….” just hover your cursor on the hyperlinked text to see the URL.
If it’s truly a message from the company they claim to represent, the URL should confirm it. For example, a message from Facebook should have an “https://www.facebook.com/url path” preceding it.
If you’re on your mobile, you can simply copy the hyperlink text’s URL and then paste it to your browser without hitting the “Go” button – just to see the URL links. If it’s untrustworthy, just ignore the message and report the sender.
If you receive a phisihing message, do the following
If you’re using Gmail, there is always an option to report spam. Some other email service providers also have powerful spam-proof email systems.
However, if your email client doesn’t have this capability, you can manually add the sender to your blocked list while also deleting the message they’ve sent you.
Also, you can try to contact your bank or whatever service provider you use in case you receive a message from them with claims that they’ll block your account soon.
Most companies like banks often have a direct customer helpline and even a chat system from where you can contact customer support to inquire about what you did wrong to warrant an account termination.
Have you been phished?
However, if you think you’ve been phished, there are some things you can do immediately to ensure the safety of your data and information such as the following:
Change your Credit card number
This is important and all you have to do is contact the bank where the account has been opened and clear the charges that were taken for money transfer or anything else.
Also, check if there have been an unauthorixed charges from shopping online or through Facebook Messenger.
Use password managers
Nowadays, you don’t need to memorize your passwords – because you just can’t unless you’re a superhuman.
There are great password management services out there and Google Password manager is one of them. It’s built into the Chrome browser and Android OS.
You can also write them down somewhere safe.
Report it to the Police
Informing law enforcements is also important so they can commence an investigation as well as tracking down the hacker who may have made the phishing attacks.
Even if they’re unable to recover all your stolen funds, the fact this can help others online.
There is a site online where you can run a background check on yourself. From there, you can see if there have been accounts created in your name without your knowledge.
From there, you can alert police as well as your bank or credit card providers to close those accounts while also changing your passwords swiftly.