Phishing continues to rank as the top hacking scheme. 47% of phishing attacks deliver ransomware payloads. Other repercussions include:
- Loss of data (60%).
- Compromised accounts and credentials (52%).
- Malware infections (29%).
- Financial losses, e.g., wire transfers (18%).
In the USA, cybercriminals have successfully attacked 74% of organizations via phishing.
What is Phishing?
Phishing is:
The act of sending email that falsely claims to be from a legitimate organization. This is usually combined with a threat or request for information: for example, that an account will close, a balance is due, or information is missing from an account. The email will ask the recipient to supply confidential information, such as bank account details, PINs or passwords; these details are then used by the owners of the website to conduct fraud.
Wiktionary (https://en.wiktionary.org/wiki/phishing)
More phishing websites exist (Google has registered 2,145,013 phishing sites) than malware sites (28,803), making phishing one of hackers’ favorite cyberattacks.
Humans make phishing dangerous. In fact, hackers use people, such as you, to attack individuals and businesses more than any other attack vector.
We want you to avoid phishing scams.
Continue reading to learn 5 top ways to spot a phishing scam in 2021.
5 top ways to spot a phishing scam in 2021
You don’t have to become a phishing victim. Use the following tips to spot and avoid phishing scams.
1. Check the subject line
According to Symantec, the top five successful phishing subject lines for business are:
- Urgent
- Request
- Important
- Payment
- Attention
Other top signs of a phishing attack include the following email subject lines:
- IT: Annual Asset Inventory
- Changes to your health benefits
- Twitter: Security alert: new or unusual Twitter login
- Amazon: Action Required | Your Amazon Prime Membership has been declined
- Zoom: Scheduled Meeting Error
- Google Pay: Payment sent
- Stimulus Cancellation Request Approved
- Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription
- RingCentral is coming!
- Workday: Reminder: Important Security Upgrade Required
2. Check the sender
Phishing emails appear to come from brands that you trust.
Right now, the most frequently impersonated brands include:
- Microsoft.
- DHL.
- LinkedIn.
- Amazon.
- Rakuten.
- Ikea.
- Google.
- PayPal.
- Chase.
These and other brands inspire confidence. Also, many people have accounts with these brands, so receiving an email from them might not trigger your suspicion.
3. Inspect the story
Phishing attacks often involve a story of some kind. These emails may:
- Tell you they’ve noticed some suspicious activity or log-in attempts.
- Inform you that there’s a problem with your account or your payment information.
- Ask you to confirm some personal information.
- Include a fake invoice.
- Urge you to click on a link to make a payment.
- Notify you that you’re eligible to register for a government refund.
- Give you a link to a special offer or a coupon for free stuff.
4. Look at the greeting
Phishing emails often use a generic greeting, such as “Hi Dear.” Most businesses probably won’t use a generic greeting like this.
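The four checks above (subject, sender, story, greeting) combined into one small triage function, as an added example that is not part of the original article. The brand-to-domain map, the sender-mismatch rule, the story phrases and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Indicators drawn from the article's lists (tips 1-4).
SUBJECT_WORDS = ("urgent", "request", "important", "payment", "attention")
STORY_PHRASES = ("suspicious activity", "log-in attempt", "problem with your account",
                 "payment information", "confirm your", "invoice", "refund", "coupon")
# Assumption: illustrative map of impersonated brand -> domain it really sends from.
BRAND_DOMAINS = {"microsoft": "microsoft.com", "dhl": "dhl.com", "linkedin": "linkedin.com",
                 "amazon": "amazon.com", "google": "google.com", "paypal": "paypal.com",
                 "chase": "chase.com"}
GENERIC_GREETING = re.compile(r"^\s*(hi|hello|dear)\s+(dear|customer|user|member)\b", re.I | re.M)

def triage(raw):
    """Return the article's warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    hits = []
    subject = (msg["Subject"] or "").lower()
    hits += [f"subject:{w}" for w in SUBJECT_WORDS if re.search(rf"\b{w}\b", subject)]
    # Tip 2: a trusted brand in the display name or domain, but not that brand's domain.
    name, addr = parseaddr(msg["From"] or "")
    domain = addr.rpartition("@")[2].lower()
    for brand, legit in BRAND_DOMAINS.items():
        claimed = re.search(rf"\b{brand}\b", f"{name.lower()} {domain}")
        if claimed and not (domain == legit or domain.endswith("." + legit)):
            hits.append(f"sender:{brand}-mismatch")
    payload = msg.get_payload()
    body = payload.lower() if isinstance(payload, str) else ""  # multipart not handled
    hits += [f"story:{p}" for p in STORY_PHRASES if p in body]
    if GENERIC_GREETING.search(body):
        hits.append("greeting:generic")
    return hits

# Constructed sample messages (not real mail).
PHISH = """From: "Amazon Support" <billing@amazon-account-check.example>
Subject: Action Required: payment declined

Hi Dear,
There is a problem with your account. Please confirm your payment information.
"""
LEGIT = """From: "Amazon.com" <order-update@amazon.com>
Subject: Your order has shipped

Hello Jordan,
Your package is on the way.
"""

if __name__ == "__main__":
    print(triage(PHISH))
    print(triage(LEGIT))
```

A message that matches several signs at once deserves a closer look; a single match (the word "payment" in a subject line, for instance) is common in legitimate mail.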
5. Check out the infographic
Study the infographic below (Credit: Cybersecurity Ventures) for more ways to protect yourself by spotting and inspecting the emails you receive.
What should I do after clicking a phishing email link?
Visit the Federal Trade Commission to learn how to report phishing attacks and how to protect yourself if you become a victim.