You’d think that it would be as easy as pie to avoid getting reeled in by a phishing scam. After all, all you need to do is avoid clicking on a link inside an email or text message. How easy is that?
A phishing scam is a message sent by a cybercriminal to get you to click on a link or open an attachment. Clicking on the link or attachment downloads a virus, or takes you to a malicious website (that often looks like a real site).
You are then tricked into entering user names, passwords and other sensitive account information on the website that the scammer then uses to take your money, steal your identity or impersonate you.
Intel Security recently designed a quiz to help people identify a phishing email. Sometimes they’re obvious: for example, they say “Dear Customer” instead of your actual name, and there are typos in the message. Another tip-off is an unrealistic “threat” of action, such as closing down your account simply because you didn’t update your information. Some scammers are more sophisticated than others and their emails look like the real thing: no typos, perfect grammar, and company logos.
The quiz showed ten actual emails to see if all of us could spot the phishing ones.
- Out of the 19,000 respondents, only 3% correctly identified every email.
- 80% thought at least one phishing email was legitimate.
- On average, participants missed one in four fraudulent emails.
The biggest issue may be less about how to spot a phishing scam than about obeying one simple rule: Don’t click links inside emails from unknown senders! And don’t download or click on attachments. Now if you’re expecting your aunt to send you vacation photos and her email arrives, it’s probably from her.
But as for emails claiming to be from banks, health plan carriers, etc., DON’T click on anything! In fact, you shouldn’t even open the message in the first place.
And I can’t say this enough: Sorry, but you aren’t special enough to be the one person to be chosen as the recipient of some prince’s lofty inheritance. And nobody wins a prize out of the blue and is emailed about it.
A few more things to keep in mind:
- An email that includes your name can still be a phishing scam.
- Don’t fret about not opening a legitimate message. If it is legitimate, they’ll call you or send snail mail.
- You can also contact the company directly to see if they emailed you anything.
Want to see how your phishing skills stack up? Take the Intel Security quiz, here.
Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!