Phishing attacks are one of the oldest examples of cyber crime, and they’re still going strong. In 2015, there were approximately 9,500 phishing attacks, and about 10 percent of them resulted in a data breach (2016 Verizon Data Breach Investigation Report). Below are some of the more common types of phishing and three ways to avoid them.
What is Phishing?
While you might think it has something to do with a musical group, phishing is actually a form of social engineering that aims to trick victims into clicking on a malicious file or URL in an email. The file or link then attempts to steal personal information from the unsuspecting user. Some of the more common types of phishing are:
- Spear Phishing
- CEO Fraud
- Deceptive Phishing
Dropbox and Google Docs phishing have also become more prevalent in recent years, as the usage of these applications has grown.
Three Ways to Avoid It
Here are three primary ways to avoid becoming the victim of a phishing attack.
1. Pay attention to the details.
The objective of most phishing emails is to make them look as legitimate as possible so you’ll be enticed to click the link or open the file. This can mean that attackers pull official logos, contact information, or even language from the company’s website to sound authentic. However, most hackers apparently don’t know how to spell. Almost always there will be a misspelling or a missing capital letter or something else that doesn’t quite look right. Take a moment to observe these details.
2. Look for a security certificate.
Some scammers will hijack the DNS server of a web site and change the IP addresses to direct you to a mirror website. This is where they can capture your credentials. Look for the HTTPS designation in the upper left hand corner of your URL bar to be assured the site is secure.
3. Look for any ultimatums or deadlines.
Phishers like to imply a sense of urgency to cause you anxiety and force you to act without thinking. This is especially common when they are trying to steal your login credentials to a site like PayPal or eBay. If an organization claims they’ll do something drastic, like close your email account, if you don’t act soon, that’s a big red flag.
Stay Safe Online
By following these tips and staying alert online, you’ll be able to avoid a phishing scheme or other type of cyber attack. The most important thing to remember is that you are in control of the links you click on, and the emails you delete. It’s your account after all.