Don’t get caught by The Evil Phisherman

How to recognise phishing emails

Let's be clear - phishing emails are different from virus emails. The danger they present has nothing to do with infecting your hard drive with a virus. 'Data phishing' happens when a fraudster builds a fake website, designed to look exactly like that of a well-known major corporation - for example, a bank, PayPal or Microsoft. You’ll receive an email from the website, urging you to get in touch. The email tries to persuade you to provide personal data - your user name, password or your bank or credit card details. These days, internet banks use two-step authentication, making your account less vulnerable, but - take the phisherman’s bait … and you will be scammed.

Here’s a real-life example - Last week, an email dropped into my inbox urging me to pay for a parking violation. Perhaps it was genuine. After all, I had been in that area when they said I was. But - I’m sure I didn’t stop anywhere. I was suspicious. The sender was oddly keen for me to pay up immediately. Otherwise, I was assured, there would be an extra penalty to pay.

How to escape the Evil Phisherman’s net

The weakest link in your armoury is you. Every phishing email is based on a combination of your ignorance, complacency and gullibility. You might receive an email with this subject line -

U r g e n t  a c t i o n   r e q u i r e d !

Understandably, your instinct is to think, “Oh dear. This looks important. I’d better reply and do as they ask.” The Evil Phisherman’s plan is to catch you off guard. He’ll try to panic you into falling into his trap. So - your first step must be … do absolutely nothing. Read the full email carefully. Take your time. Be suspicious. Act slowly. Then, make the following checks -

  1. Is your name in the greeting? Or does it read 'Dear Member' or 'Dear User'? If so, it’s probably a scam.
  2. Move your mouse over the suggested link but DON'T CLICK! Every email client shows the link's real target somewhere on the screen, so look carefully for it. If you can't find it, right-click and copy the link. Paste it into a simple text editor and read the domain name. If it's one you're happy to visit, click on it. But - if it's something like - mailtargetwebsite297.com/1728374985/etc, never, ever visit that website.
  3. If you've clicked but you’re not sure if the website is reliable, re-check the domain name.
  4. You can test the website by deliberately entering a wrong password. If the website lets you in, then it's fake.
  5. Check the grammar and spelling. Lots of phishing emails are written in poor English.
  6. If you’re still unsure, just copy some of the email and paste it into Google. If you find yourself on a forum where others are chatting about it being a scam, then - you have your answer.
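
Checks 1 and 2 can also be done without opening the email in a mail client at all. The Python sketch below is an added example, not part of the original post: it reads a raw message, flags a 'Dear Member' / 'Dear User' greeting, and prints the real domain behind each link next to the domain the link text shows. The sample message, the `bank.example` name and the function names are constructed for illustration, and it assumes a simple single-part HTML email.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample message; only the link target comes from the article.
SAMPLE = """\
Subject: Urgent action required!
Content-Type: text/html

<p>Dear User,</p>
<p>Pay now at <a href="http://mailtargetwebsite297.com/1728374985/etc">www.bank.example</a></p>
"""

GENERIC_GREETING = re.compile(r"\bdear\s+(member|user)\b", re.I)      # check 1
DOMAIN_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def norm(host):  # lower-case and drop a leading "www." before comparing
    return re.sub(r"^www\.", "", (host or "").lower())

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_email(raw):
    """Return findings for check 1 (greeting) and check 2 (real link domain)."""
    body = message_from_string(raw).get_payload()
    findings = ["generic greeting"] if GENERIC_GREETING.search(body) else []
    parser = LinkCollector()
    parser.feed(body)
    for href, text in parser.links:
        host = norm(urlsplit(href).hostname)
        shown = DOMAIN_IN_TEXT.search(text)
        if shown and norm(shown.group(1)) != host:
            findings.append(f"link shows {norm(shown.group(1))} but goes to {host}")
        else:
            findings.append(f"link goes to {host}")
    return findings
```

Calling `check_email(SAMPLE)` reports the generic greeting and the mismatch between the domain shown in the link text and the domain the link really points to.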

Remember - The Evil Phisherman wants one thing - money. He’ll do whatever he can to get yours. Phishing websites won't harm your computer. They will harm your pocket. Find out more here - http://www.phishing.org.

Your next blog from Addmonte will be about email viruses and how to spot them before they wreck your data and your hard drive.