What is Phishing?
Phishing is a method of gathering personal information about you using deceptive emails and websites. This is an increasingly sophisticated form of cyber attack.
Phishing attacks generally begins as an email sent a recipient. The key to the email is that the recipient believes it is a message coming from a legitimate source. The email has some call to action in it, usually login here to update your information or confirmation of an action. The recipient then clicks on the link and provides some information, usually login credentials.
The attacker at this point has the recipient’s information and can do whatever they want with it – often times selling it and stealing other forms of indentification.
Here are some common features of phishing emails –
Too good to be true. The message if you really think about it is too lucrative or claims are too big.
Sense of Urgency. These emails usually have time limits – such as respond within the next 24 hours.
Links. Along with the sense of urgency is a way to satisfy the urgency by clicking some sort of a link.
Attachments. As an alternative to a link, the email might have an attachment and the sense of urgency is to click the attachment.
Unusual Sender. The sender will always be suspicious. Often times it is a simple misspelling of a company such as email@example.com.