What is a phishing attack?
A phishing attack is an email designed by hackers and thieves to get you open a malicious link or attachment on the email. They do this by making the email seem like it’s coming from a trusted brand or trusted contact like an employer or employee.
As soon as you click that link depending on what the link or attachment contains, you could be giving out your complete identity down to your financial data and account logins. If this is done at work, it can be a serious risk to your company’s details and systems.
The only way to properly identify a phishing attack is to know how to identify them. In this article we will be talking about the 5 ways to avoid a phishing attack by identifying what a phishing attack is!
Find out the sender of the email.
Check the email sender’s address because the sender name can have a completely different address. This can be shown by hovering or clicking on the preview name to see the sender’s address. One big give away is when the address doesn’t match the business or when it is close to the businesses name but not exact. For example; email@example.com vs. firstname.lastname@example.org
How does the email greet you?
If the email comes from a trusted brand, they will normally have access to details like your name. So when they send you an email it will contain your name in the salutation. If your name doesn’t appear in the salutation and is replaced with a impersonal message like “Dear Customer” can be a warning sign!
Identify the link, before you click it.
Before you click on a link in an email you should always identify the link’s address. If the link address doesn’t match the content around it then this is a massive warning that you could be about to click a malicious link. This can be done by hovering over the link and a little window will show you the link address or by right clicking on the link and then select copy link address and paste it into your browser for inspection or into a word document!
Check the footer information.
Scroll down to the footer of the email. What does it contain? The two things a legitimate email should have in it is as follows;
- A physical address that you either know and trust or can be searched and comes up with trustworthy results.
- A unsubscribe button to these emails.
If the email lacks these features then it’s most likely dodgy!
If it seems dodgy, then it most likely is.
Trust your instincts with these things. If at first glance you think it may be dodgy then feel free to delete the email. Don’t feel like you have to keep it. If the legitimate company is trying to get a hold of you then they will find another way to contact you!