How to Identify & Prevent Phishing Attempt
Easy way to detect phishing email!
What is phishing and how it is carried out?
Phishing is an attempt to gain access to sensitive data, such as login credentials of a bank account, social account, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person. As an example, the phishing attack is a message that appears to come from a bank or other financial institutions — the spam message uses business name, logo, tag line, graphics to look legitimate. The spam message also contains a URL link and asks the user to login and once user clicks onto the URL; it directs user to phony web site that looks like a legitimate website. Consequently, user falls into the trap of perpetrator and enters their login credentials on the phony website, that’s how the phishing attempt is carried out.
Easiest way to identify phishing attempt
Like movies, at the crime scene, there are clues that leads investigators to the criminal, same way, in the phishing attempt, there are clues to determine if the email is sent by legitimate sender or not. As an example, I am going to cover an email I received recently from PayPal subjecting “Your PayPal account has been limited”.
As soon as the user reads the subject line, it causes anxiety and a concern about their PayPal account. That is the first thing the cyber attacker wants out of you, a quick reaction without noticing further details in the email and entice you to click on the URL in the email.
Stay Calm and Read the Complete Email
a. Don’t Panic
Do not fall into the trap of anxiety or get into panic mode upon reading the clickbait email subject. Although, the email subject is a type of alert, but if user thinks about it, what does “Your PayPal account has been limited” means? It is out from the normal subject line and not much informative.
b. Notice Sender’s Information
Once you open the email, notice it is from “Service@paypal.com 3b29ywir.pyple2idconfermads@3b29ywir.redirectyourmail.me.services.secure.notifed.pple2id.com.comupdatedsservicesaccoutns.info”. This is the second most important thing; you should take a note to detect if it is from legitimate sender. If it was from legitimate PayPal, it would appear as below:
c. Verify Business name spelling, Logo and graphics
The next easiest thing to look out for is the business name spelling, logo, and graphics (color) of the email message. From the above the two pictures, one can easily identify, that although, business name in the phishing email is same, but logo and color used are different.
d. Read the email body
Although, I am not a expert in English language, but reading a article or message, I can identify the spelling or grammatical mistakes. Body of the email in phishing attempt says” We detect unauthorize person was accessed your PayPal account and make some purchase. To see the payment details, log into your PayPal account.”. The sentence formation is so poor that it is hard to believe that a firm like PayPal would send such type of message.
e. URL button
The URL login button just says Login, but in the legitimate email from PayPal, it would say like below, a complete message instead of just Login.
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.” Martina Navratilova
From the above examples, you can easily identify any phishing attempts and prevent you and your loved ones from falling into the trap of attackers. Be vigilant on any emails you receive from your banks, or other financial institutions or your social platforms, as the attackers take advantage of your quick reaction on the attempt to resolve the problems.
Now you know the ways to identify the phishing attempts via emails, you can actually prevent phishing attempts by using some of products available in the market. These products enable email protection feature that can scan all the messages going in or out from your mailbox.
One of such product is anti-virus by VIPRE. It provides Anti-spam protection, that protects you inbox from unwanted messages. Another such product is by BITDEFENDER provides you with anti-spam protection.
