What exactly is email phishing and what should you be looking out for?
You’ve set up your new email address, and you’re receiving emails from reputable companies. You open an email from your bank, but something in it isn’t right.
The email is requesting your password, security details and your credit card information. Even the sender’s email address looks a bit suspect. The chances of this email being a phishing scam are very high.
But it’s not all doom and gloom. With common sense and the tips below, you’ll be set to take on email phishing scams and keep your inbox safe. Just remember that legitimate businesses would never send you emails asking for login details or sensitive information.
What is email phishing?
Technically speaking, email phishing is when cybercriminals send you emails, mimicking communications from legitimate companies you deal with. With a phishing scam, the cybercriminal is hoping to acquire access to your funds and sensitive information.
Cybercriminals utilise various tricks and techniques to deceive you. They make the email appear reputable, down to the finest detail. If you don’t know the differences between genuine emails and fake ones, scammers will try their luck with you.
How emails are forged
Phishing emails include forgeries of email headers and footers from legitimate companies. This tactic confuses you about their origin.
Cybercriminals also take advantage of the fact that you’re probably using an email program (such as Microsoft Outlook) to read and respond to your emails. In these programs, you may not see all the elements of an email (such as embedded images) or the full sender address.
In most cases, you’ll only have the sender, recipient and subject details visible. Sometimes you don’t notice if a sender’s email address is suspicious. Often, the sender’s email address mimics the official address of a company. You’re then none the wiser, and open the email thinking it’s legitimate.
What can you do to prevent email phishing?
Just follow these tips:
- Don’t click any suspicious links in an email.
- Don’t download any files or attachments unless you trust the sender (you can set Outlook to not automatically download attachments).
- Keep your personal information, including usernames and passwords, under lock and key when dealing with emails.
- Always check the actual sender’s email address, and not just the display name.
- If you’re a more advanced user, you can create an SPF (Sender Policy Framework) record for your own personal email domain, if you have one. This will help to prevent people from spoofing the domain your email uses.
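The check of the actual sender address against the display name, described above, can be automated. The following is an added example, not part of the original post: it parses the From header and flags a display name that claims a brand while the address sits on a different domain, including lookalike domains that merely embed the official one. The brand list, function names and sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands you deal with and the domains they really send from.
KNOWN_SENDERS = {"example bank": {"examplebank.com"}}

def domain_of(address):
    """Return the lower-cased domain part of an address, or '' if there is none."""
    local, at, domain = address.rpartition("@")
    return domain.lower().rstrip(".") if at and local else ""

def belongs_to(domain, official):
    """True for the official domain itself or a real subdomain of it."""
    return domain == official or domain.endswith("." + official)

def check_sender(raw_message, known=KNOWN_SENDERS):
    """Compare what the display name claims with the address actually used."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    domain = domain_of(address)
    if not domain:
        return ["From header has no usable address"]
    warnings = []
    for brand, officials in known.items():
        claims_brand = brand in display.lower()
        genuine = any(belongs_to(domain, d) for d in officials)
        if claims_brand and not genuine:
            warnings.append(f"display name claims '{brand}' but mail is from {domain}")
        # A lookalike embeds the official domain without being under it.
        elif not genuine and any(d in domain for d in officials):
            warnings.append(f"{domain} imitates an official domain")
    return warnings

# Constructed sample messages (not real mail).
SPOOFED = (
    'From: "Example Bank Security" <alerts@examplebank.com.verify-login.example>\n'
    "Subject: Confirm your card details\n\nPlease log in.\n"
)
LEGIT = (
    'From: "Example Bank" <statements@mail.examplebank.com>\n'
    "Subject: Your statement\n\nYour statement is ready.\n"
)
LOOKALIKE = "From: Customer Care <care@examplebank.com.billing.example>\n\nHi\n"

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT), ("lookalike", LOOKALIKE)):
        print(name, check_sender(raw))
```

An empty list means the From header raised no warning under these rules; it does not prove the message is genuine.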
You are now well-equipped to deal with any email phishing scams that come your way. Scrutinise any suspicious emails that make their way to your inbox. Always practise common sense and when in doubt – delete!