How to Recognize Phishing Attacks

What is phishing?

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. It happens a lot, and it's worthwhile to stay vigilant. Not all phishing attempts arrive by email; some occur over the phone, by text message, or in other formats. Here's how to spot and recognize phishing.

Read more here: https://en.wikipedia.org/wiki/Phishing

How do you recognize them?

It's not easy. Phishing attacks often mimic a legitimate service you already use, like an email from your bank, a share notice from Google Drive, or a notification from another file sharing service you are familiar with.

Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that host malware. Attempts are typically carried out by email spoofing or instant messaging, and they often direct users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

The best defense is to know what the legitimate communication looks like. For example, what do emails from your bank look like, and what email address are they sent from? Most services are upfront about how they will communicate with you, and most will never ask you to reply with your password or other sensitive data.

Phishing Examples

[Screenshot: phishing email with the subject "IMPORTANT_DOCS", as received in Kenston Local Schools Mail]

This is a phishing attempt to get you to click on the link. It mimics Google Drive, or another file sharing system you may have used and are likely to click on. Notice the odd spacing in the words, and the awkward sentence structure and grammar that often accompany these messages.

[Screenshot: legitimate Google Drive share notice, "OSOB Intro Letter 2015 (Page 2) - Invitation to view", as received in Kenston Local Schools Mail]

This is a real share notice from Google Drive. Learn to recognize what they look like.

[Screenshot of the scam email described below, 2015-11-30]

These kinds of emails (advance-fee or "Nigerian" scams) are never legitimate. Here, Gmail has even helped by flagging it for you. A stranger who promises to transfer you a fortune in exchange for a fee or your bank details will never send you money. Ever.

[Screenshot of the spear phishing email described below, 2015-11-30]

This is a good example of spear phishing, where the email is tailored to the target: it includes my name and my place of work, and refers to an event that may actually have taken place. Notice the "unsubscribe" link; in this case it leads to the malicious website that will attempt to capture my information, so even the link that looks like a way out is part of the attack.

[Screenshot of the fake password reset email described below, 2015-11-30]

This kind of email (above) is very common: it asks you to reset your password. At Kenston, we will never ask you to send us your password in an email, or to reset it this way. Few legitimate organizations do, but enough people click on these links to make it worthwhile for the attackers.

Here are a few more ways to spot phishing attacks:

  • Unrecognized sender. This is usually a big giveaway. If you don't recognize the sender, treat the message with suspicion. Even if the sender appears to be on the same domain as you, question it: the From address is easy to forge, so a clever phishing attack can make a message appear to come from your own company's domain.
  • Unexpected emails. Unless you're expecting an email from a company, e.g. a delivery shipment notification, or a lottery win, treat it with suspicion. If unsure about a delivery, contact the official company, getting their contact details from their official website rather than from the email.
  • Prompts to open attachments or click links. Avoid clicking links or opening attachments you weren't expecting, even if the message is urgent.
  • Odd looking website addresses. Another clue to phishing emails is links whose real destination is a suspicious website address. Hover over a link (without clicking) to see where it actually goes; the visible text and the real address often differ.
  • Odd looking or out of place sender addresses. If you're able to look at the sender's details, check the email address itself, not just the display name. Most of the time the domain will not match the company they claim to be from. For instance, an email claiming to be from your bank could come from an @yahoo.com address. This is an obvious giveaway!
  • Impersonating institutions and companies. As mentioned earlier, be suspicious of emails posing as banks, the IRS, the Social Security Administration and so forth. They rarely contact users through email. If in doubt, contact them directly, and not through any telephone numbers or links given in the message.
  • Poorly written English and grammar. Many phishing emails contain poorly structured sentences and grammatical mistakes that read as if they were written hastily or by someone unfamiliar with the language.
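Several of the clues above (a display name that claims a brand while the actual address is on an unrelated domain, a sender domain that does not match where the mail really came from, and link text that shows one address while the link goes somewhere else) can be checked mechanically on a saved message. The following is an added example, not part of the original article or of any Kenston tool, using only Python's standard library. The two messages, the trusted-domain list and the brand word list are all constructed for the example; a real deployment would maintain its own lists and use the Public Suffix List rather than the crude "last two labels" domain check used here.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption for this example: domains we recognize as legitimate senders and
# link targets. An organization would maintain its own list.
TRUSTED_DOMAINS = {"google.com", "kenstonapps.org"}

# Assumption: brand words that should only appear in a display name when the
# message really comes from a trusted domain.
BRAND_WORDS = {"google", "drive", "kenston", "bank", "paypal"}

# Constructed sample (not a real message): a fake Google Drive share notice.
# The display name says Google, the address does not, the envelope sender is a
# bulk mailer, and the first link shows a Google URL but points elsewhere.
PHISH_EML = """\
Return-Path: <bounce@bulk-mailer.example>
From: "Google Drive" <drive-share@gooogle-docs.example>
To: andreas@kenstonapps.org
Subject: IMPORTANT_DOCS - Invitation to view
Content-Type: text/html; charset="utf-8"

<html><body>
<p>A document has been shared with you.</p>
<p><a href="http://drive.google.com.example-cdn.ru/auth">https://drive.google.com/open?id=abc123</a></p>
<p><a href="https://kenstonapps.org/unsubscribe">Unsubscribe</a></p>
</body></html>
"""

# Constructed sample of what a legitimate share notice looks like by contrast.
CLEAN_EML = """\
Return-Path: <drive-shares-noreply@google.com>
From: "Google Drive" <drive-shares-noreply@google.com>
To: andreas@kenstonapps.org
Subject: OSOB Intro Letter 2015 - Invitation to view
Content-Type: text/html; charset="utf-8"

<html><body>
<p><a href="https://drive.google.com/file/d/abc123/view">Open</a></p>
</body></html>
"""


def registrable(host):
    """Crude eTLD+1: the last two DNS labels. Fine for .com/.org/.ru as used
    here; use the Public Suffix List for real data (co.uk etc.)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_message(raw):
    """Return a list of findings for one raw RFC 5322 message; empty means clean."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    sender = msg["From"].addresses[0]
    sender_domain = registrable(sender.domain)
    display = sender.display_name.lower()

    # 1. Display name claims a brand, but the address is not on a trusted domain.
    if any(w in display for w in BRAND_WORDS) and sender_domain not in TRUSTED_DOMAINS:
        findings.append(f"display name '{sender.display_name}' but sender domain is {sender_domain}")

    # 2. Envelope sender (Return-Path) is on a different domain than From:.
    return_path = msg["Return-Path"]
    if return_path:
        rp_domain = registrable(str(return_path).strip().strip("<>").split("@")[-1])
        if rp_domain != sender_domain:
            findings.append(f"Return-Path domain {rp_domain} differs from From domain {sender_domain}")

    # 3. Links whose visible text is a URL on one domain while the href goes to
    #    another, and any link that leaves the trusted set.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            href_domain = registrable(urlparse(href).hostname or "")
            if text.startswith(("http://", "https://")):
                text_domain = registrable(urlparse(text).hostname or "")
                if text_domain != href_domain:
                    findings.append(f"link text shows {text_domain} but goes to {href_domain}")
            if href_domain not in TRUSTED_DOMAINS:
                findings.append(f"link to untrusted domain {href_domain}")
    return findings


if __name__ == "__main__":
    for finding in check_message(PHISH_EML):
        print("SUSPICIOUS:", finding)
    print("clean message findings:", check_message(CLEAN_EML))
```

Run against the constructed phishing message this reports four findings (impersonating display name, Return-Path mismatch, the link text/destination mismatch, and the untrusted link domain) and nothing for the legitimate share notice. These are heuristics, not proof: a compromised real account passes every check, so the advice above about contacting the organization through a channel you already trust still applies.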

What Can You Do?

  1. Create and use strong passwords, and never give out your passwords to anyone, especially if they ask for it via email or over the phone.
  2. Keep track of the online accounts you have, and don't use the same password for multiple services, so that one phished password does not unlock everything else.
  3. Learn to recognize what actual, legitimate, communication from companies and online services look like.
  4. Report suspected attempts to your IT crew – forward us an email you suspect, or tell us what you did right before noticing strange behavior in your inbox.