motivational picture for "phishing"

In this blog post, I will explain what phishing is, how to detect a phishing email and what measures you can take to protect yourself from phishing.


What is phishing

The term phishing is usually explained as a blend of “password” and “fishing”: fishing for passwords.

The pattern of phishing is that criminals pretend to be one of your service providers (e.g. a parcel service, a shopping website, your bank) using a forged email. They try to lure you onto a fake website and make you enter personal data such as your credentials, or even financial information such as your credit card number.

Phishing is mostly done via email, but it can also happen via SMS (“smishing”) and within social media networks.


How to detect phishing

It is getting harder and harder to detect a phishing attempt, because the messages improve over time.

Some years back, phishing emails were full of grammatical and spelling errors, especially when written in German. Furthermore, they typically used a very generic salutation such as “Dear Customer”.

While such crude phishing emails still exist, there is a new generation that is well formulated, error free, uses a personal salutation and often even uses the sender names of people you know, such as your boss or people you are connected with on social media.

However, as the main purpose of a phishing email is to get your data, there are a few things you can watch out for:

  • Sense of urgency: “If you don’t update your data now, your data will be lost”
  • Threats: “If you don’t act, we will lock your account”
  • Unexpected: the email is completely unexpected from that sender, or the topic does not relate to the sender.
  • Request to enter data: the message asks you to enter your login data or financial information.
  • Sender email address: the sender address (not just the displayed name) does not match the service provider or the person you know.
  • Links, forms or attachments within the email: the message text asks you to open a link, a form or an attachment.


Measures to protect against phishing

(1) Ask yourself whether you are expecting this message from the sender. When in doubt, contact the sender and ask whether the message is genuine. Do not use contact data provided within the message; use the phone number or website you already know.

(2) Check whether the sender email address matches the service provider or person who supposedly sent the email. Look at the actual address, not only the display name, because the name shown in bold is chosen freely by the sender. An address such as “…@list.ru” is not used by Amazon, UPS or your boss.

(3) Do not let threats or a sense of urgency in the message rush you. A legitimate provider rarely pressures you this way, and if the matter is real, it will still be real after you have verified it through the official channel (see 1).

(4) When asked to enter your data on a website, I strongly recommend not using the link from the message. Instead, log in to the website directly (via your bookmark or by typing the address), find the place to enter the data and do it there. I would only recommend using email links if you were expecting this message and you are sure it is coming from the legitimate sender (see 1 and 2 above).

(5) When following a link from a message, verify that the URL exactly matches the provider you know before entering any personal data. Slight character changes, such as “amzon.com” or “ammazon.com”, are not easily detected by the human eye, and neither is a real name placed in front of a foreign domain, such as “amazon.com.something-else.example”.

(6) Log in to your online accounts using the autofill capability of a password manager. While you as a human being might be tricked into entering your credentials on a fake page that looks like your provider’s and uses a similar domain, a password manager compares the domain exactly and only offers your credentials on the sites it has saved them for. If it does not offer to fill in your password on a login page, treat that as a warning sign.

(7) If possible, participate in a phishing training. Providers like sosafe offer phishing training for companies, sending you well designed phishing mails and educating you step by step to become more vigilant. Unfortunately, such services are mostly for companies. If you know a trustworthy provider who offers such phishing training for private persons, let me know via the comment section below.
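As an added example (not part of the original post), the following Python script shows the two mechanical checks behind measures (2), (5) and (6): reading the real sender address out of a From: header and comparing it with the expected domain, and deciding, the way a password manager does, whether a link’s host exactly matches a saved site. The list of known sites, the From: headers and the URLs are constructed for the example.

```python
import email.utils
from urllib.parse import urlsplit

# Constructed example data: the sites the user actually has accounts with.
# A password manager keeps this list for you; here it is an assumption.
KNOWN_HOSTS = {"amazon.com", "ups.com", "example-bank.example"}


def normalize_host(host):
    """Lower-case a host name and drop surrounding blanks and a trailing dot,
    so that 'Amazon.COM.' and 'amazon.com' compare equal."""
    return host.strip().lower().rstrip(".")


def host_matches(host, known_host):
    """True only if host is known_host itself or a subdomain of it.
    'www.amazon.com' matches 'amazon.com'; 'amazon.com.evil.example' and
    'amzon.com' do not."""
    return host == known_host or host.endswith("." + known_host)


def autofill_allowed(url, known_hosts=KNOWN_HOSTS):
    """Decide like a password manager whether to offer saved credentials on
    this URL: only over HTTPS and only if the host is (a subdomain of) a
    saved site.  Look-alike hosts, hosts hidden behind a 'user@' part and
    internationalised names that could be homographs are all refused."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    # .hostname already drops the 'user@' part and the port and lower-cases,
    # so 'https://amazon.com@evil.example/' yields 'evil.example'.
    host = normalize_host(parts.hostname or "")
    if not host:
        return False
    # Non-ASCII or Punycode (xn--) labels may be homographs of a known name;
    # a human cannot tell Cyrillic 'а' from Latin 'a', so refuse them here.
    if not host.isascii() or any(label.startswith("xn--") for label in host.split(".")):
        return False
    return any(host_matches(host, known) for known in known_hosts)


def sender_domain_ok(from_header, expected_domain):
    """Check the real address in a From: header against the expected domain.
    The display name is ignored: '"noreply@amazon.com" <x@list.ru>' is a
    list.ru sender, whatever the mail client shows in bold."""
    _display_name, addr = email.utils.parseaddr(from_header)
    if "@" not in addr:
        return False
    domain = normalize_host(addr.rsplit("@", 1)[1])
    return host_matches(domain, normalize_host(expected_domain))


if __name__ == "__main__":
    # Constructed links as they might appear in a phishing mail.
    for link in [
        "https://www.amazon.com/ap/signin",
        "https://amzon.com/ap/signin",
        "https://amazon.com.evil.example/ap/signin",
        "https://amazon.com@evil.example/ap/signin",
        "http://www.amazon.com/ap/signin",
    ]:
        print(f"{'FILL  ' if autofill_allowed(link) else 'REFUSE'}  {link}")

    # Constructed From: headers with the domain the reader would expect.
    for header, expected in [
        ("Your Boss <boss@company.example>", "company.example"),
        ('"Amazon Customer Service" <security-update@list.ru>', "amazon.com"),
        ('"noreply@amazon.com" <phisher@list.ru>', "amazon.com"),
    ]:
        verdict = "ok     " if sender_domain_ok(header, expected) else "SUSPECT"
        print(f"{verdict}  {header}")
```

Two caveats. Real password managers usually match on the registrable domain (the part just below the public suffix) rather than on the plain suffix rule used here, but the decisive property is the same: a look-alike domain is simply a different string and gets no credentials. And the From: header is chosen by the sender, so the address check catches the common case of a foreign address behind a familiar display name; it is one of the red flags from the list above, not proof that a mail is genuine.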

If you fall into the trap, act immediately! Contact your provider directly to avoid or reduce financial or personal damage. Immediately change the passwords of all potentially compromised accounts. If you reuse the same or a similar password for other accounts, change the passwords there as well. Good password management helps to isolate the risk to a single account. Read my blog post on what good password management means.