Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity.
The word "phishing" is a newly coined expression, a homophone of "fishing", chosen because both use bait in an attempt to catch a victim.
Phishing is typically carried out by email spoofing or instant messaging. It often directs users to enter personal information at a fake website whose look and feel are identical to the legitimate one; the only difference is the URL of the website.
Demo of email scam:
Fake social web sites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that distribute malware.
Phishing can usually be spotted. These are the most common indicators:
- Bad grammar.
- Missing or strange fields in the email.
- Salutation is missing. This can be an indicator of a phishing email.
- Aggressive call to action. Businesses do not regularly require you to update your payment information or your passwords. Be wary of emails that ask you for too much information or use aggressive wording.
- If it sounds too good to be true, it is!
- Graphics are fuzzy. The design and layout of a phishing email often give it away. Scammers rarely do their design work properly.
- Be suspicious of emails that request sensitive information.
- If in doubt, verify the origin of the email.
- Think twice before you open attachments or click any links.
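Several of the indicators above can be checked mechanically. The following is an added example, not part of the original page: a heuristic scan of a raw single-part text email for missing header fields, a missing salutation, aggressive wording, and links whose host differs from the sender's domain. The word lists, the expected-header list, the Reply-To comparison and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed patterns and header list; tune them for your own mail flow.
URGENT = re.compile(r"\b(immediately|urgent|suspended|verify your account|update your payment)\b", re.I)
SALUTATION = re.compile(r"\s*(dear|hello|hi)\b", re.I)
EXPECTED_HEADERS = ("From", "To", "Date", "Subject", "Message-ID")

def domain_of(header_value):
    """Extract the lower-cased domain from an address header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def phishing_indicators(raw):
    """Return sorted indicator names for a single-part plain-text message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    found = set()
    # "Missing or strange fields": absent headers, or replies routed elsewhere.
    if any(not msg.get(h) for h in EXPECTED_HEADERS):
        found.add("missing_header")
    sender, reply = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    if reply and reply != sender:
        found.add("reply_to_mismatch")
    # "Salutation is missing": inspect the first non-empty body line.
    first_line = next((l for l in body.splitlines() if l.strip()), "")
    if not SALUTATION.match(first_line):
        found.add("no_salutation")
    if URGENT.search(body):
        found.add("aggressive_call_to_action")
    # Links must point at the sender's domain or one of its subdomains.
    for url in re.findall(r"https?://\S+", body):
        host = (urlparse(url).hostname or "").lower()
        if sender and host != sender and not host.endswith("." + sender):
            found.add("link_domain_mismatch")
    return sorted(found)

# Constructed sample message (reserved .test domains, not a real campaign).
SAMPLE_PHISH = """\
From: Example Bank <support@example-bank.test>
Reply-To: helpdesk@mail-example.test
Subject: Account suspended

Your account has been suspended. Verify your account immediately at
http://example-bank.test.login-check.test/update
"""

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE_PHISH))
```

These checks are heuristics: legitimate mail sent through third-party services can trip the link and Reply-To checks, so treat the output as a reason to verify the origin, not as a verdict.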