Email phishing is a type of cybercrime in which malicious attackers send fraudulent emails that appear to come from a legitimate source. These emails trick recipients into clicking on malicious links, downloading infected attachments, and revealing sensitive information such as passwords, credit card information, personal identifying information, etc. It is designed to cause you to perform a specific action.
Signs of Email Phishing:
Recognizing the signs of email phishing is the first step in
self-protection. Common signs are:
- Suspicious sender address: Check the sender’s email address. Phishing emails often use slightly altered or misspelt versions of legitimate domains.
- Urgent or threatening language: Phishing emails often evoke a sense of urgency or fear. They may claim that if you do not take immediate action, your account will be suspended or you will face legal consequences.
- Spelling and Grammar Errors: Many phishing emails contain spelling and grammatical errors because they are often hastily constructed.
- Unwanted attachments or links: Be wary of unexpected attachments or links in emails. Hover over a link (without clicking) to see where it le
- General Greetings: Phishing emails may address you using generic terms such as “Dear Customer” instead of your name.
- Requests for personal or financial information: Reputable organizations typically do not request sensitive information via email. Please be careful with such requests.
What to do if you experience an email phishing attack:
- Don’t click or download: Do not click on links, download attachments, or respond to emails. This can expose you to malware and other attacks.
- Sender Verification: Contact the suspected sender through official channels (not the email contact details) to confirm the authenticity of the email.
- Use email filters: Enable spam and phishing filters for your email account. These filters automatically detect suspicious emails and move them to your spam folder.
- Verify the URL: If you suspect that email is phishing, verify it by hovering over the URL in the email. Make sure it matches the official website domain.
- Keep your software up to date: Updates often include security patches. Make sure your operating system, browser, and email client are updated.
- Use two-factor authentication (2FA): Enable 2FA on your email account for an added layer of security.
- Report phishing emails: Most email services have an option to report phishing emails. Use this feature to improve email security.
- Change your password: If you believe your account has been compromised, please change your email password immediately. Use a strong, unique password for each account.
- Educate yourself and others: Stay informed about the threat of email phishing and inform your friends, family, and colleagues about the risks and how to recognize a phishing attack.
Email phishing is a continuing threat, but with vigilance and knowledge, you can protect yourself from falling victim to these scams. Remember that your best defence is awareness and a healthy dose of scepticism. Stay informed, stay alert.