Phishing is one of the most dangerous and compromising scams on the Internet. “Phishing” refers to an attempt to acquire sensitive information such as your login credentials or passwords by pretending to be a trustworthy source such as your bank or email provider. The anatomy of a phishing email is simple: a service you may or may not subscribe to appears to send you an email and asks you to login to your account. They even provide you with a handy link to click.
Unknowing to you, the phishers have created a website that looks identical to the service you are used to logging into (for example, Chase Bank). Since this is a fake website, the phishers can not host it on https://www.chase.com. Instead, they create a website with a similar URL. It may be something like http://chase-bank.blanco.cn/login. This is a fake URL, but most people will not hesitate to click the link because it says the name of the service in it.
And that’s how it all begins…
You click the link and it brings you to a website that looks identical to Chase Bank’s website. You enter your information into a login form, and the phishers gain access to your account.
The truth is, we all lead busy lives and a phishing attempt can come in an email that looks and reads like a legitimate source. For example, if you’re the CMO of an organization and you get an email that appears to be from your accounting department requesting that you approve the new marketing expense, you may instinctively click the link because it seems to be coming from a familiar source. You enter your email and password to log onto the page only to learn after-the-fact that your organization has now been hacked. Don’t let that happen to you.
Take the cautious approach. Don’t click any links in the email or respond to the email. Instead, visit the website the email claims to be from on your own. If the email claims it’s from Facebook, open your web browser and type in www.facebook.com in the address bar and log in to your account to change your password from there. You know you’re on the real Facebook site because you visited it yourself and not from a link in a suspicious email.
Now that you’ve armed yourself with these shields against phishing scams, you are set for the next time a ‘phisher’ tries to drop a line. (See what we did there?)
Download our Cyber Security eBook for more ways to arm yourself against cyber criminals.