A phishing email is an email crafted to appear legitimate in order to trick you into clicking on a link or attachment. Said link or attachment will contain malware.
Phishing emails are nothing new, but they have become much harder to spot, and are becoming much more common (because they work).
We help people and companies deal with phishing email fallout all the time. Here are a few tips to protecting yourself.
Preface:
One aspect of email you need to be aware of is spoofing. I can send you an email right now that says it’s from your best friend, or boss, or bank. Phishers get these email addresses in a few ways but typically someone who has your email address unknowingly installed malware and the first thing malware does is harvest contacts in order to send more phishing emails.
So, just because you get an email from Uncle Bob, doesn’t mean it’s an email from Uncle Bob. Just because you get an email from PayPal or Amazon it doesn’t mean they actually sent it. Therefor we must be vigilant and double-check everything because I can tell you from experience, if you get malware today there is only one solution – rebuild the operating system. Don’t wast your time or money with malware tools that ultimately do not work. Once you know for sure you’re infected, back up your critical data and rebuild.
NOTE: Kibosh customers can always call 888-727-3018 and we’ll guide you in the right direction.
Detecting Phishing emails:
# 1) Never ever open an attachment, period. These days most files are deployed via DropBox / Box / Google Drive shared links anyway. At the very least double-check (reply asking the sender for confirmation) with the sender. Yes it’s a bit of a hassle, but it’s far far better than getting infected with malware.
# 2) Hover your mouse over a hyperlink and the full URL will be displayed – this is the only way to know for sure, and if it’s a link to an infected malware website it will be obvious.
Example: this phishing email was designed to look exactly like a Barracuda SPAM firewall quarantine email – if the user had not been paying attention they would have clicked on the link, but luckily they checked the URL first (hover mouse over..).
Here is another one from a FedEx Tracking email – and the only way to tell it was a phishing attempt:
Two points from these real-world examples:
# 1) phishing emails have become very hard to spot
#2) The Kibosh Internet filter would have blocked this site so even if you had been tricked, you would not have been infected.
Your Kibosh service does much more than just remove pornography, it’s also a valuable layer of Internet security you cannot get from software.