- Phishing or scamming: a method malefactors use to steal your information. The methods depend on emails that make you hand over the required information willingly.
It all starts with email. Email is both the long-established and the modern way to communicate officially between companies and on a personal level, and many modern apps and social networks require an email address to register. Even though there are many communication apps and social media platforms, email remains the basis for all of them. When it comes to trusted, official communication between companies, email is the most official channel. That is what makes email accounts so attractive for cybercriminals to target and try to collect.
Now that we know about email, let’s see how cybercriminals try to attack people and which methods they use most often.
The three most common ways are:
- Simple text requesting information: for example, an email telling you that your email quota is full or running out and that you need to provide your information by replying as soon as possible, or something will happen to your account or you could lose it. My advice: DO NOT ever reply to such emails; they are phishing emails.
- Text with a link that sends you to a phishing website: such messages contain simple, official-looking text asking you to click a link in the message body and log in to your account in order to resolve some made-up issue. DO NOT click on these kinds of links; they are made for phishing.
- Simple text email with phishing attachments (PDF, DOC): this type of email is created to bypass security providers that look for suspicious links and block them. The cybercriminal sends an attachment containing a legitimate-looking letter that asks you to click on a specified link and to reply to another email address with your information.
The most common topics malefactors use in phishing emails are:
- Account problems: such as email quota issues.
- Imitated business correspondence: pretending to be an official account asking you to provide information or follow some instructions. They could present themselves as your support helpdesk (on some free email accounts), or pretend to be a company you correspond with, asking you to verify a purchase order by logging in through a provided link that is prepared for phishing victims.
- Most important to remember: most phishing emails require you to respond within a short, limited time, no more than 48 hours, so that the victim acts without thinking and provides the information.
Now that you know all this, you will start to wonder how to identify a phishing email. There are basic things you need to pay attention to:
- Look at the sender’s domain: if it is not related to the name of the sending company, consider it a phishing email.
- Look at, or hover your mouse over, any provided link: if the organization’s name is in the path and not in the domain name, consider it a phishing email.
- You will find some spelling errors in the text body, or even letters or symbols from other languages.
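The checks in the list above can be automated for triage. The following Python sketch is an added example, not part of the original article; the sample message, the company name "Example Bank" and all domains are constructed for illustration.

```python
import re
import unicodedata
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: every name and domain here is made up for illustration.
# \u043e is a Cyrillic "o" hidden inside the word "customer".
SAMPLE = """\
From: Example Bank Support <helpdesk@mail-quota-alerts.test>
Subject: Your mailbox quota is full

Dear cust\u043emer, your quota is full. Log in within 48 hours:
http://login.secure-portal.test/examplebank/verify
"""

def belongs_to(host, org_domain):
    """True if host is the organization's domain or one of its subdomains."""
    return host == org_domain or host.endswith("." + org_domain)

def check_email(raw, org_name, org_domain):
    """Run the three checks from the list above; return a list of findings."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    org = org_name.lower().replace(" ", "")
    findings = []

    # 1. Sender domain not related to the company the mail claims to be from.
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not belongs_to(sender, org_domain):
        findings.append(f"sender domain {sender} is not {org_domain}")

    # 2. Organization name appears in the link path, not in the domain name.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        parts = urlparse(url)
        host = (parts.hostname or "").lower()
        if org in parts.path.lower() and not belongs_to(host, org_domain):
            findings.append(f"link to {host} only has '{org}' in its path")

    # 3. Letters from other scripts mixed into the text body.
    odd = {c for c in body if c.isalpha()
           and not unicodedata.name(c, "").startswith("LATIN")}
    for c in sorted(odd):
        findings.append(f"foreign letter in body: {unicodedata.name(c, 'unknown')}")
    return findings

if __name__ == "__main__":
    for finding in check_email(SAMPLE, "Example Bank", "examplebank.test"):
        print("-", finding)
```

Check 3 also flags mail that is legitimately written in a non-Latin script, so it is only meaningful for messages expected to be in a Latin-script language.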