MailGuard Editor, 17 July 2012 22:01:00 AEST

What is a phishing scam?

Do you know what phishing scams look like and how you can avoid being caught?
What are the golden rules when receiving email?
Here are some smart strategies for you to keep safe.


What is phishing?


A phishing scam usually involves a fraudulent email and website that attempts to steal your information or identity for financial gain. Chances are you’ve seen plenty of them before. Phishing scams often involve a story where you win the lottery, a relative is kidnapped, you are asked to help out a beautiful Russian lonely heart, or something equally unlikely.

For the most part, phishing scams are obvious and prey on the weak. Most of us are unlikely to be sucked in and reveal our personal information or our passwords. However, just as users are smartening up to phishing scams, scammers’ tricks continue to evolve. Fake emails are getting more sophisticated and ‘real’.

Phishing emails purporting to come from companies you have history with are perhaps more dangerous than those involving obscure stories. When your guard is down, you are more willing to trust and consequently more likely to reveal personal information.

 

The PayPal example


PayPal is one of the largest providers of safe, online payments. With its wealth of financial data, PayPal is a big target for phishing scams. There is a lot to gain by scamming its users. Here’s what a recent scam aimed at PayPal users looked like.

[Image: a PayPal phishing scam example]


As you can see from the sample (stopped by MailGuard’s email filtering service), phishing emails can look legitimate. Branding is often identical to communications received from PayPal (point 1). The postal address is correct (point 2). Most of the links go through to the correct PayPal address (point 3).

The email looks legit at first glance, but look closer and it’s clearly a scam. Misspellings (point 4) and bad English throughout are a big giveaway.

The link to log in (point 5) actually goes to a URL that is different to PayPal’s. Hover over links to see where they point to. The scammers even have the cheek to mention how they protect against fraudsters.

 

PayPal phishing scam must-read


1. The sender address can look legitimate even if the email is a scam.
2. PayPal will never ask you for personal information via email.
3. PayPal will never ask you to download any software or attachments via email.
4. If you are unsure whether or not an email is legit, log in directly using a secure login from your web browser (not via the link in the email).

 

Tell-tale signs of phishing scams 


1. A heightened sense of urgency in the email
2. Bad grammar, poor spelling, misuse of punctuation
3. Verification of personal emails
4. Illegitimate links (hover over them and you can tell straight away)
5. Generic throughout, no use of personalisation
6. Obscure sending addresses (for example, Hotmail, Gmail, Yahoo addresses should set alarm bells ringing)
7. Distorted logos/poor quality graphics

 

Defend your inbox


Phishing attacks can be enormously costly and destructive and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. 
Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30
