Tips for Identify a Phishing Email

Definition

Phishing is when attackers send malicious emails designed to trick people into falling for a scam. The intent is often to get users to reveal financial information, system credentials or other sensitive data.

The term “phishing” came about in the mid-1990s, when hackers began using fraudulent emails to “fish for” information from unsuspecting users. Since these early hackers were often referred to as “phreaks,” the term became known as “phishing,” with a “ph.” Phishing emails try to lure people in and get them to take the bait. And, once they are hooked, both the user and the organization are in trouble.

Phishing is an example of social engineering: a collection of techniques that scam artists use to manipulate human psychology. Social engineering techniques include forgery, misdirection and lying—all of which can play a part in phishing attacks. On a basic level, phishing emails use social engineering to encourage users to act without thinking things through.

Why Is Phishing a Problem?

Cyber criminals use phishing emails because it’s easy, cheap and effective. Email addresses are easy to obtain, and emails are virtually free to send. With little effort and little cost, attackers can quickly gain access to valuable data. Those who fall for phishing scams may end up with malware infections (including ransomware), identity theft, and data loss.

The data that cybercriminals go after includes personal information—like financial account data, credit card numbers and tax and medical records—as well as sensitive business data, such as customer names and contact information, proprietary product secrets and confidential communications.

Cybercriminals also use phishing attacks to gain direct access to email, social media, and other accounts or to obtain permissions to modify and compromise connected systems, like point-of-sale terminals and order processing systems. Many of the biggest data breaches—like the headline-grabbing 2013 Target breach—start with a phishing email. Using a seemingly innocent email, cybercriminals can gain a small foothold and build on it.



https://www.phishprotection.com/content/phishing-prevention/

https://www.scamwatch.gov.au/types-of-scams/attempts-to-gain-your-personal-information/phishing


https://www.proofpoint.com/us/threat-reference/phishing



What is a Phishing Email?


The tips you should follow to avoid Phishing Emails.

1. Don't Always Trust the Display Name


2. Don't Respond and Don't Click

3. Pay Attention to Poor Grammar and Punctuation

4. Closely Review the Email Signature

5. Avoid Emails Demanding an Urgent Response

6. Don't be Fooled by Short Links

7. Pass Up That Irresistible Offer

8. Don't be Immediately Pushed to a Website

9. Never Provide any Personal Information

10. Look for an External Message Alert




Recent Updates

Recent updates on DevOpsPal

Social

Follow us of social for latest updates.

DevOps Hub

Links to get started.