Don’t Get Fooled By Phishing This April Fool’s Day

March 31, 2017

Many of you have likely heard of the concept of a "phishing" email, but may not know exactly what one is, or how to identify it when one pops up in their online mailboxes. However, the talent of spotting phishing attempts is crucial to protecting sensitive information, because as phishing becomes more common around the world, it can pose an increasing threat to anyone with an email address.

There are many ways in which phishing emails can present themselves as perfectly legitimate, but are actually a smokescreen built to target your data for fraud, according to CIO Magazine. These types of communications are becoming harder to spot as criminals refine their techniques. As such, it's vital for everyone to take a closer look at all the emails before clicking links or responding with information, especially because crooks now like to pose these attack messages as coming from sources you might expect to see, such as an employer's HR department or bank.

Common mistakes

One of the biggest warning signs of a phishing email, though, is if the spelling or grammar in the message isn't as good as one might expect from a business, friend or family member, CIO advised. The more errors one finds in an email, the more likely it is that it's a phishing attack. Many phishing emails start with a simple greeting, like "Dear Customer" or "Dear Member," and these are phrases that typically wouldn't be used in a corporate email, in particular.

Along similar lines, companies would never send messages with vague threats about closing accounts or demanding "urgent action," simply because that isn't how most businesses deal with their customers or clients. Armed with this knowledge, consumers can typically disregard any emails that have that type of subject heading.

Many forms of phishing

While plenty of people may be familiar with phishing scams that try to swindle victims out of personally identifying information or credit card data, the IRS cautions that at this time of year tax phishing is a major threat as well, according to the Connecticut Post. Typically, these emails do what other phishing attacks do - present themselves as legitimate communications, this time from the IRS. Some phishers will target individuals saying that there was a problem with their tax returns, but others target small businesses in an attempt to unlock a treasure trove of information for identity theft. These types of scams have already victimized thousands of people across the country in 2017, highlighting the importance of vigilance.

Phishing attempts are getting trickier to spot, and are baiting at individuals and smaller companies at an increased rate, according to Inside Higher Ed. And because of how specifically targeted these attacks can be - they're sometimes referred to as "spear phishing" – where the targeted information can be extremely specific.

"What seems to have changed in the last year or two is that the attacks seem to be more directed," Nathan Phillips, chief information officer at Marylhurst University, told the site. "People are clearly doing research on who they're targeting."

Taking on social engineering

In many cases these more sophisticated kinds of phishing attacks fall into the category of what experts call "social engineering," which rely heavily on creating and preying on the trust would-be victims may have. While many phishing attacks in the past may have been largely automated, these more personalized and focused efforts can do a lot of damage because they catch victims off guard.

With all this in mind, it's vital for consumers to learn more about the threats they face and what they can do to both identify and safely deal with phishing. Check out more Identity Guard News & Insights articles to learn more about protecting you identity.

Related News