Learn How to Be A Phishing Attack Detective

What is phishing? As described by phishing.org, “Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.”

These attempts may look like someone posing as a coworker, asking for input, including links or attachments, among other things. Scammers attempt to gain access to user information every day, but when you know what to look for you don’t have to become a victim.

Take a look at our playlist for a few tips to help you become a phishing email detective and use them in your everyday life.

1. It is always a good idea to double check information before opening anything from unknown senders.

In episode 1, you see Gil Ubble attempting to open an email from an external source. Upon further investigation, the domain name does not match and the email is not from someone at the company.

Often times people are caught in these attacks because they aren’t paying close enough attention to who the email came from. If the email in question looks similar to something that provider would send, do not click on links or attachments. Instead, go directly to that company site or give them a call to make sure the information is accurate.

2. If the email comes from someone who seems to work at your company, but you do not know the person, check to see if they actually work there.

Even if the person’s email shows that they work at your company, check the email for other signs of false information. Scammers may go to extra lengths to spoof email addresses as a way to get your information.

As you can see in episode 2 of our phishing attempts series, the attacker tries to use a name and email address from someone in the company to get Gil to open it. Before opening, they notice that the attachment is fraudulent and could potentially be harmful to Gil and the company.

Common mishaps by attackers could be misspelled words, poor sentence structure, or offers that sound too good to be true.

3. Be careful when you click on attachments. When you open an attachment that is potential spam, it can open up the door for scammers to gather your personal information.

Gil was excited to receive the email and trusted the attachments that were included in episode 3. This caused him to allow the attacker to instantly gain access to information. Always read emails carefully. If the email asks for you to fill out forms, click links, or open anything, do so cautiously.

In cases where you are uncertain about an individual or the attachment, it’s best not to open it. If by chance you do open or fill out anything, contact your bank and service providers to let them know your information may have been compromised. If this happens while at work, contact your IT department immediately to resolve any issues.

As an added reminder, always ask yourself these questions.

Do you know the sender?
Is this a known email address?
Do you recognize the domain?
Did you request the information?
Were you expecting the information?
Is this too good to be true?

Want more tips on staying safe and not becoming a victim of phishing attacks? Use these resources to become a fraud prevention wiz.

• Identity Protection
• Preventing Elder Financial Abuse
• Have You Heard of Smishing?