Phishing was a word coined around 1995 when the Internet was relatively new in terms of general population using or even knowing about it. Facebook, Twitter and other popular sites were not even on the radar at this point. Phishing or as defined by dictionary.com; fishing in the sense of catching the unwary by offering bait.
The core of a Phishing email is to get you to give up information in the form of usernames, passwords, pin numbers, bank account details and even private particulars such as your mother’s maiden name. All of this gleaned information is then used by scammers to gain access into your bank accounts or outright identity theft.
The scammers prey on ignorance or lack of attention by the intended victim and in most cases the website the scammers send you to generally looks much like the valid eCommerce/banking site.
There are a number of triggers to help you identify a phishing email.
- Financial institutions and credit card companies will never send an email asking you to reset your password or validate personal information.
- Unfortunately no you have not won the lottery, or inherited 1 million dollars from a long lost relative.
- If it looks dodgy it most likely is.
- If there is a link in the email, hover your mouse over it and have a look at your mail client and see what link is displayed. The link will generally be to an obscure domain name or host name.
- If you do click on the link and the website looks valid, check for an SSL certificate by locating the security lock in your browser and clicking on it to see who it has been issued to.
How can I protect myself?
- If it's too good to be true then it probably is - don’t click on it.
- If in doubt throw it out - send it straight to your junk folder.
- You can invest in a good Anti Spam/Anti Virus cloud service that scans each email before landing in your mailbox so you only receive safe email and will never be tempted to click on that winning lottery ticket link.
- As always common sense prevails, you would not give your pin for your bank card to a stranger on the street so why enter it on a website that you are unsure of.
So long as there are people willing to click on a link and divulge their information there will be phishing emails. The best way to prevent it, is through education. Know what to look for and more importantly don’t just enter in details to a website because of fear or reward.