Recently hundreds of millions of email addresses surfaced in a handful of mega breaches including one involving MySpace. Experts now predict that a tsunami of phish attacks will follow in their wake, so it’s time to wake up to the risks.
What’s phishing, you ask? Since you don’t want to end up in this phish tank, it’s vital that you understand scam emails that attempt to get you to click a link or two. They’re called phishing attempts because scammers try to lure you into taking their bait. If you succumb, you could find yourself at a malware-laced website or download a toxic Trojan infection.
It used to be fairly simple – at least for grammar experts – to spot the phishing attempts. There’d be an awkward phrase or two in the email, and spelling errors sprinkled throughout the message. But lately, scammers have been employing native English speakers to craft their lethal messages. That makes it harder to separate the phish from the legitimate communications in your inbox.
One predominant theme is the email from a bank urging immediate action to prevent your account from being locked. If you don’t have an account at Wells Fargo, you’ll know immediately this is not a legitimate communication from them but sooner or later, a scammer will send you a mail that seems quite legit. It could be regarding a FedEx delivery or a notice from your actual bank.
Companies can sign up for free employee testing at knowbe4.com but individuals need to test their observation skills, too. Try out OpenDNS’s free test. It takes only a minute but will increase your phishing awareness greatly. There’s also a free, 20-question test offered by SonicWall. If you miss a few, the testers will explain each incorrect answer and help you up your phish finding skills.
If you take the test, let us know how you did. Email firstname.lastname@example.org. No cheating now!