Phishing is #1

number 1 phishingOver 95% of all successful cyber attacks/malware attacks start with a phishing email in which you have to click a link or open an attachment. It is the #1 vector for successful cyber attacks. So be careful in the way you handle your email!!  If you are skeptical then don't touch it!!  Feel free to contact me as well if you have questions about a suspicious email.  I can try to verify if it is on the scam list or not.

How to Spot a Phishing Email

  1. The email comes from a stranger using a public, generic email address such as @gmail.com or @yahoo.com instead of @<privatecompany>.com .  If your bank or utility company is going to email you then they will use their official email address or send you a letter in the post.  If it claims to be your bank but you are wary then it is always wise to call the bank first and verify the email is legit if you feel you must respond to it.  If on the otherhand it is a private person contacting you and you do not know them then be wary.
  2. The email comes with an urgent action required.  Fraudsters often include an urgent call to action to get you to respond immediately.  I can't count the number of times my friends have been stranded in another country without any funds!
  3. The email comes with a generic greeting.  Fraudsters often send a great number of emails at once and they usually don't have the names of the people, just their email address.  So you will get things like "Dear friend" , "Dear Customer" or "Dear Member" or something similar.
  4. The email comes with links to fake websites.  Often the words of the link in the email will say one thing and the actual web address in the underlying code will be something entirely different.  You can usually discover the underlying address by hovering your mouse over the link in the email and it will display the actual url at the bottom of the screen of the email client.  Sometimes the fake links are mixed with legitimate links so beware of that also.
  5. The email comes with an attachment which you are to click.  Always be wary of attachments even when they are from someone you know.  Were you expecting the email with the attachment (always ask this question)?  The attachment can actually be malware which when clicked runs a programme on your computer which will seek to wreak its havoc.

Below are some excellent articles on how to spot a phishing email and what to do about them: ​

  1. Zonealarm - a short, very good, how to avoid article https://www.zonealarm.com/blog/2014/07/7-ways-to-spot-phishing-scam/
  2. Cnet - a short article with a good graphic example of the anatomy of a phishing email https://www.cnet.com/how-to/spot-a-phishing-email/
  3. AVG (anti-virus company) - a very comprehensive article on phishing of all kinds with examples https://www.avg.com/en/signal/what-is-phishing

 

How to Protect Yourself for free (Note: there are more robust solutions which cost - the below do not prevent phishing emails but will help if a phishing email releases a virus or malware):

  1. Zonealarm Free anti-virus and firewall for Windows PC (I highly recommend it): https://www.zonealarm.com/software/release-history/zafavfw.html
  2. AVG anti-virus free for Windows PC https://www.avg.com/en-gb/free-antivirus-download
  3. Avast free anti-virus for Windows PC https://www.avast.com/en-gb/free-antivirus-download

 

Also, how to scan your system for malware (Windows, Mac, Android, iOS, or Chromebook) :

1. https://www.malwarebytes.com/

 

All the best, Jeff

Tags: