Avoiding dodgy emails
Phishing is an attack used by hackers to gain access to private information such as credit card numbers and user passwords.
Phishing is a social engineering attack where targets are typically duped into providing this information directly to false versions of legitimate websites run by the hackers. Personal information can then be used for fraudulent purchases, resale to third parties and even identity theft.
Pictured is a screenshot from a phishing email I recently received from a client who was suspicious.
What would the natural reaction from an account holder be?
“I never sent Nickolas Sims $498 – I’d better click the link and put a stop to this.” Of course, that sense of urgency may mean you get flustered, click the link and fall for the fake PayPal site. Enter your details and the bad guys have them.
So let’s have a look at the warning signs:
Incorrect recipient address information
The email is addressed to multiple recipients, as if this payment was made by you AND all your friends (I’ve obscured the email addresses for privacy).
The email says “Dear PayPal Customer” – phishing scams rarely know the real names of their targets and tend to rely on general greetings like “Dear user”. PayPal knows your name and uses it when emailing you.
Hyperlinks in email messages should be distrusted in general, but long and convoluted hyperlinks like the one below should cause heightened suspicion.
Normally PayPal resides at the URL PayPal.com. If you hover over one of the links (as shown below) you will notice the link actually goes to a website in .com.ar – that’s Argentina.
No offer of additional information
There is a “Help Centre” link but that link goes to the same website address based in Argentina. In fact ALL links go to exactly the same address!
Warnings from email client
A well-designed email client may detect many of the irregularities listed as well as check for suspicious points of origin (e.g. spoofed emails) and links to insecure servers.
Warnings from web browser
If for some reason you actually clicked on the URL, your web browser might give another warning, alerting you that the URL has already been reported as a forgery, or is not secure.
Most phishing email messages won’t contain all of the above characteristics and will probably contain other defining characteristics not mentioned here. Phishing is an evolving practice because it is profitable and is increasingly used by organised crime.
If you receive an email that contains one of the above characteristics then be extremely cautious. If the email is threatening the termination of a service, simply let it happen. No company worth doing business with is going to maintain its records by firing off thousands of email messages to various Hotmail and Yahoo accounts in hopes of reconciling its financials.
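As an added example (not code from the original post), the small Python check below applies the warning signs described above to a constructed email modelled on the one in the screenshot, alongside a constructed legitimate-looking receipt for comparison; the sender, recipient addresses and the .com.ar host name are placeholders, not the real ones.

```python
import re
from email import message_from_string
from email.utils import getaddresses
from urllib.parse import urlparse

# Constructed sample modelled on the message described in the post; addresses and hosts are placeholders.
PHISH_EML = """\
From: "PayPal" <service@paypal.com>
To: victim1@example.com, victim2@example.com, victim3@example.com
Subject: You sent a payment of $498.00 USD to Nickolas Sims
Content-Type: text/html

<p>Dear PayPal Customer,</p>
<p>If you did not authorise this payment, <a href="http://secure-paypal.example.com.ar/cgi/webscr">cancel it here</a>.</p>
<p><a href="http://secure-paypal.example.com.ar/cgi/webscr">Help Centre</a></p>
"""

# Constructed legitimate-looking receipt for comparison: one recipient, real name, on-brand link.
LEGIT_EML = """\
From: "PayPal" <service@paypal.com>
To: jane.doe@example.com
Subject: Receipt for your payment
Content-Type: text/html

<p>Hello Jane Doe,</p><p><a href="https://www.paypal.com/activity">View your activity</a></p>
"""

GENERIC_GREETINGS = ("dear paypal customer", "dear customer", "dear user", "dear member")
EXPECTED_DOMAIN = "paypal.com"  # domain every link in a genuine PayPal email should stay on

def phishing_indicators(raw_eml: str) -> list[str]:
    """Return the warning signs from the post that fire on a single (non-multipart) HTML email."""
    msg = message_from_string(raw_eml)
    body = msg.get_payload(decode=True).decode(errors="replace")
    findings = []
    recipients = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(recipients) > 1:  # sign 1: one "payment" mailed to many people at once
        findings.append(f"addressed to {len(recipients)} recipients")
    if any(g in body.lower() for g in GENERIC_GREETINGS):  # sign 2: no real name used
        findings.append("generic greeting instead of the account holder's name")
    hosts = {urlparse(h).hostname for h in re.findall(r'href="([^"]+)"', body, re.I)}
    hosts.discard(None)
    off_brand = sorted(h for h in hosts if h != EXPECTED_DOMAIN and not h.endswith("." + EXPECTED_DOMAIN))
    if off_brand:  # sign 3: links leave the brand's domain (here a .com.ar host)
        findings.append("links point outside " + EXPECTED_DOMAIN + ": " + ", ".join(off_brand))
    if off_brand and len(hosts) == 1:  # sign 4: "Help Centre" and every other link share one address
        findings.append("every link goes to the same off-brand host")
    return findings
```

Running `phishing_indicators` on the two samples flags all four signs for the phishing message and nothing for the receipt; a real mail filter would also need to handle multipart messages and encoded bodies.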
How can I protect myself from a phishing attack?
There are several steps you can take to protect your computer from today’s cyber threats. Following the simple guidelines below will help minimise the risk of attack.
- Be very wary of any email messages asking for personal information. It’s highly unlikely that your bank will request such information by email. If in doubt, call them to check!
- Don’t complete a form in an email message asking for personal information. Only enter such information using a secure website. Check that the URL starts with ‘https://’, rather than just ‘http://’. Look for the lock symbol on the lower right-hand corner of the web browser and double-click it to check the validity of the digital certificate. Or, alternatively, use the telephone to conduct your banking and report anything suspicious to your bank immediately.
- Don’t use links in an email message to load a web page. Instead, type the URL into your web browser.
- Check if your anti-virus program blocks phishing sites, or consider installing Kaspersky Internet Security (links below) or other antivirus software that alerts you to known phishing attacks.
- Check your bank accounts regularly (including debit and credit cards, bank statements, etc.), to make sure that listed transactions are legitimate.
- Make sure that you use the latest version of your web browser and that any security patches have been applied.
Protect your identity from phishing attacks
Prevent cybercriminals from stealing your digital identity thanks to anti-phishing protection technologies inside Kaspersky Lab’s Internet security software which leverage lists of known phishing websites, proactive anti-phishing technologies and the latest information from the cloud.