We’ve grown used to hearing about internet scams. It seems like every week there’s something new on the news that is worth sharing, let alone all the old scams that are still working today. Phishing is tricky because cyber criminals aren’t your ordinary delinquents. They’re smart and sophisticated. They know how to disguise themselves to gain your trust. That’s why this article is focusing on how to spot a phishy email.
The term “phishing” describes an illegal activity in which criminals impersonate legitimate people or organizations through advertisements, email, even text messages. All three options usually include a link that appears to take you to an official website. Unfortunately, the website is fake and any information you share with them goes directly to the scammers.
“Phishing” is a spin-off of “fishing” because criminals use a fake lure, hoping to catch their prey.
In a word… very. When someone falls for a phishing scam, it’s likely they’ll have their identity stolen. This affects your credit score and can result in your bank accounts getting emptied. New credit cards can be opened in your name, causing even further damage. It’s also possible that by clicking on the link, the same link will be sent to all your friends and family either through your email or social media accounts. Now they’re also at risk.
Phishing messages try to look like a legitimate organization that you deal with. This could be your bank, your internet service provider, the government, even organizations such as Amazon or Netflix. However, if you check the return address from the message, you’ll likely see the address is a long URL, with incorrect spelling. For example, a phishing email could come from Amazon, saying there’s a problem with your order. However, the address came from “Amazom.ca” with an M at the end, not N.
There’s often an intimidating backstory involved in the email, explaining why you need to click on the link. This can include (but isn’t limited to):
If the email is threatening in nature, it’s likely a scam. It’s demanding “immediate action”, highlighting the consequences of not clicking the link. These consequences often include shutting down your account, paying ridiculous fees or even facing jail time. Keep in mind that no legitimate organization will make these threats.
Some scams are easy to spot. Others can take months for the victim to notice something is wrong and by then it can be impossible to find out what you did wrong. Fortunately, internet service providers, and web security organizations are always working to keep up with cyber criminals. If you’re concerned about your online security, read some important cyber-security tips here.