Let’s start with a definition of phishing.  It is the practice of tricking Internet users, through the use of deceptive email messages, phone calls or websites, into revealing personal or confidential information which can then be used to perpetuate identity theft, access sensitive data and/or steal financial assets from the victim.  

Email messages employ “spoofing.”   A hacker sends emails that appear to originate from trustworthy sources. They may appear to be sent from legitimate companies, from friends, family members or coworkers. 

Hackers also spoof websites.  They accomplish this via a technique called URL “cloaking”  or “masking”  Through the use of specialized scripts of computer code, hackers can cover up a legitimate URL with one that is associated with a trusted website.

The most common phishing scams involve bank or credit card notifications, unsolicited tech support notifications, “receipts” of high-priced items that you supposedly purchased, cut off of a service you use such as email or Amazon or even black mail attempts threatening to “out” your viewing of pornographic sites.

Common features to be aware of in email phishing:

Too good to be true offersUrgency, you must act nowHyperlinks within an email – ways to get you to a fraudulent site to complete the theftAttachments in an email – often contain viruses or ransomware to seize your machineUnknown senders – maybe not the Nigerian prince but folks you don’t know with requests or offers

Spotting the suspects:

Misspellings and poor grammarPoor graphic reproduction, i.e., fuzzy logos or other graphicsAddress from incorrect domain – if Bank of America sends you an email, it certainly will not come from @gmail.com or other personal account.Emails from people you don’t know asking you to look at embarrassing pics of a friend.Pop-ups – don’t be quick on the click.

Here are a few good ways to explore without getting snagged by the “phisher”:

Hover your PC mouse over the email address to expose the real sender.  If you’re using a mobile device (Android, Apple), investigate an email address by tapping on the address with your finger or stylus. You will see the actual sender’s address.Keep your browser up to dateMaintain your firewallsUsing anti-phishing toolbars or appsMOST OF ALL – THINK BEFORE YOU CLICK!

Extricating yourself from the clutches of internet thieves can be costly in more than one way.  Identity theft can take years of legal work to resolve.  Be aware of the many ways internet bad guys try to steal from you.

The post PHISHING – IT’S NOT A WATERSPORT appeared first on Valerie Webster.