Phising is an attack often used to steal user data, ranging from email addresses, to login credentials, to credit card numbers, to Social Security numbers. The attacker disguises themselves as a trusted entity and uses this credibility to trick users into opening an email or text message that can lead to the installation of malware, a ransomware attack or the reveal of sensitive data.
It can be difficult to spot a phishing attempt quickly, so here are 5 ways to spot a phishing attempt to help protect your email and your computer from the nasty effects of a phishing attack.
Message URLs are Mismatched or Misleading
It’s not uncommon that a phishing message contains a URL which looks valid. Hover your mouse over the top of the URL to see the hyperlinked address, and if the hyperlinked address is different than the address displayed, it’s likely malicious.
Additionally, look for misleading domain names. Attackers often utilize big names like Apple or Microsoft in a domain name to disguise a malicious link. The DNS naming structure is ChildDomain.FullDomain.com. An example would be, info.LegitDomain.com. A phishing attempt, on the other hand, would restructure to FullDomain.com.MaliciousDomain.com. For example, Microsoft.com.MaliciousDomain.com.
Spelling and Grammar Errors
Any official message sent from a legitimate company will likely be reviewed for spelling, grammar and legality. If a message is full of errors it’s likely malicious, so delete it!
It Gets Too Personal
If an email is requesting personal information, be wary. A reputable company will never request a password, credit card number, or security question. It’s even be likely that a phishing attempt will request money to cover expenses, taxes or fees.
You Didn’t Initiate the Contact
If you receive an email stating you were selected as a winner for a lifetime supply of magical, age-reversing skin care, but you never heard of the company and you never entered the contest… delete it. If you are announced as a winner or provided a promotional opportunity, but never initiated contact with the company, it’s a scam. And, if it sounds too good to be true, it probably is.
Some phishing attacks use intimidation to trick people into giving up sensitive data. Some key phrases for these messages include, “Urgent Action Required!” Your account has been compromised!” “Your account will be closed!”
Scammers pose as banks, credit card providers, email providers and government agencies to scare people. Financial institutions and government agencies will not request sensitive data over email, so do not be tricked!
If something just doesn’t look right in an email, trust your gut reaction and delete the email.
It’s always helpful to have an email hosting support team to assist in identifying phishing attacks. We take website security and email security seriously. Many email hosting support teams are not readily available to offer quick advice or assistance in the event of a phishing attack. But, it’s just one of the many benefits you get when you choose our Omaha website hosting team – real human support when you need it!