What are Phishing Emails
What are Phishing Emails?
You may have come across the term 'Phishing Emails'. But what are they?
Phishing emails are emails that pretend to be from a company that provides a service (such as a bank, email provider, game company etc). These phishing emails attempt to trick people into clicking a link and then entering in personal information such as logon details or credit card numbers.
These emails are sent out in bulk and generally people will just consider them to be 'spam'.
The most common form of Phishing emails relate to financial crime and will target financial institutions. What I mean is that most Phishing emails will pretend to be from your bank.
Why is it called ‘Phishing’?
The term Phishing originates from the term Fishing (obvious, I know). Basically, the fraudsters will send out thousands upon thousands of the same phishing email. They do not target or send to anyone in particular, so they are essentially ‘fishing’ for information, and hoping they get lots of bites.
Now I know what Phishing emails are, how do they actually work?
The whole point of phishing emails is to get you to click on the link, and then willingly enter your personal information such as logon details or credit card numbers. The link will often take you to a near exact replica of the real website of the company they are pretending to be, but this site will be run by fraudsters and any information you enter they will harvest and use.
Say the fraudsters were Phishing for banking details for example, they would use various social engineering techniques to get you to click on the link within the email. Some of these techniques include:
- The email will look very professional as if from your Bank (may use a graphical header for example), and the link text that it contains at first glance will appear to link to the Bank's website. However you will find that the actual link will be for somewhere else.
- To get you to click on the link, they will often allude to a possible security breach or attempted security breach of your account/logon details. You will need to click the link and enter the information to 'secure your account and confirm your identity'.
- They will place a time limit to create a sense of urgency. For example, 'If you do not respond within 48 hours your account with us will be closed'.
- The email will likely be addressed to, 'Dear valued customer' - Phishing emails are generally sent out in bulk, and will not be personally addressed.
How do I protect myself from Phishing emails?
The easiest way to protect yourself from Phishing emails is to NEVER CLICK ON A LINK IN AN EMAIL UNLESS YOU ARE 100% SURE OF THE SOURCE!
If you truly believe the email is legitimate, then CALL that institution on their telephone number that you have found on Google or in the phonebook yourself, and query them about it. But don’t, I repeat, DO NOT click on any links and enter information.
Educating yourself and using common sense is truly the best defence against phishing emails, as well as other Internet scams and fraud.