Like many other IT-related words, you may have heard the term ‘phishing’ somewhere on the news. Though you may know of the word, you still might ask, “What is phishing?”
That’s why you’re about to learn what it is, who it affects and some of the common methods that hackers and scammers employ to try to “phish” your information out of your hands willingly.
What is Phishing?
The term “phishing” is an IT word that comes from replacing the “f” in “fishing” with a “ph.” Like with the actual activity of fishing, hackers and scammers bait their lure in order to snag your information out of your hands. That’s also why it can be classified as a type of social engineering attack where no software exploits are used to acquire your information.
In that sense, it’s also one of the most dangerous types of attack, as a majority of antivirus software are unable to recognize a phishing attack. That means that you need to educate yourself to keep your information protected.
Who is Affected by Phishing?
Anyone with an e-mail address is likely to have seen at least one phishing email, especially because an estimated 500 million phishing emails get sent every day. The one group that this fails to include are the people who are led to false login and credential screens through compromised websites.
In short, everyone is affected by phishing. Even if you’ve never entered your email address online, there’s still a good chance that you’ll run into a compromised or fake login screen.
How Do Phishing Attacks Work?
As was mentioned earlier, the best way to keep yourself safe from phishing attacks involves learning what to look for. Typically, phishing attacks will look poor in quality because they’re sent to a large amount of people and often have a short life expectancy.
For an email phishing attack, there will generally be a broad opening line such as “Hello Sir or Madame.” Past that, there will usually be grammatical errors in the actual body of text that the party being imitated would never actually make.
In most phishing emails, there will be a call to action to open a link. To assess how trusted this link is, mouse over it and look at the actual URL. Read it from right to left, starting with the top-level domain extension such as “.net” or “.com.” If the URL looks fishy, then it’s more than likely a scam.
The other thing that you can often notice is that the web page will either look outdated or be of poor quality. This is another result of the fact that phishing attacks have very short lifespans.
What Can You Do About a Phishing Attack?
If you ever receive a phishing email, the first thing to do is to refrain from clicking or entering any of your information. If you do accidentally enter information, immediately contact the institution that was being impersonated for help.
If you didn’t give any information, then it would still be useful to forward the phishing attempt to the appropriate institution so they can prevent other people from falling for it. Most major banks and institutions, such as PayPal, have a separate form on their website where you can report attempted phishing.