What is Phishing & How to identify phishing emails?
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the user's information.
How to identify Phishing Emails?
- Phishing emails will appear to come from a friend, your boss, family member, bank, or government organization.
- Phishing emails might include text like "Verify your account", "You have won the lottery", "If you don't respond within 48 hours, your account will be closed", or "urgent response".
- Phishing emails might ask you to click on a link or open a file.
- Phishing emails might include official-looking logos, wordings, and other identifying information taken directly from legitimate Web sites.
- Phishing emails might include links to spoofed Web sites where you are asked to enter personal information.
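As an added example (not part of the original page), the Python code below checks a raw message for three of the indicators listed above: the quoted pressure phrases, attached files, and links whose visible text names a different host than the one they open. The function and class names, the sample message and its domains are assumptions made up for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

PHRASES = ["verify your account", "you have won the lottery",
           "your account will be closed", "urgent response"]  # quoted in the list above

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for each <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def phishing_indicators(raw):
    """Report attachments, pressure phrases and links whose text hides the real host."""
    msg, found, links = message_from_string(raw), [], LinkCollector()
    for part in msg.walk():
        if part.get_filename():  # a file the reader is asked to open
            found.append("attachment: " + part.get_filename())
        elif part.get_content_maintype() == "text":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            low = " ".join(body.lower().split())  # fold case and whitespace
            found += ["phrase: " + p for p in PHRASES if p in low]
            if part.get_content_subtype() == "html":
                links.feed(body)
    for href, label in links.links:
        shown = re.search(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+", label.lower())
        host = (urlparse(href).hostname or "").lower()
        if shown and host and shown.group(0) != host:  # spoofed-site pattern
            found.append(f"link shows {shown.group(0)} but opens {host}")
    return found

# Constructed sample message (reserved example domains, not from the page).
SAMPLE = """Content-Type: text/html

<p>Urgent response needed. Verify your account within 48 hours.</p>
<a href="http://www.bank.example.accounts.example.net/login">www.bank.example</a>
"""
```

The host comparison is exact, so a link labelled with a bare domain that opens its www. host is also reported; treat each finding as a reason to look closer, not as a verdict.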
What is Spear Phishing?
Spear phishing is a highly targeted phishing attack. Spear phishers send email that appears genuine and seems to come from a trusted source like a work colleague, boss, friend, family, your bank, or government organization. The aim of spear phishing is to trick the victim into performing actions he/she would not usually do.
How Does Spear Phishing Work?
First, criminals gather information about the target victim and/or organization. They often obtain it through websites, blogs, and social networking sites.
Then, they send e-mails that look like the real thing to targeted victims, offering all sorts of urgent and legitimate-sounding explanations as to why they need the information.
Finally, the victims are asked to either reply to the message, click on a link inside the e-mail, or open a file.
NEVER click on a link or open a file coming from an unsolicited email. Delete all unsolicited emails. If a message looks or sounds suspicious, it is most likely a phishing email. Delete all phishing emails. If you are not sure, use your own contact information (not the details provided in the email) and call the person to verify the request.