5 Ways to spot a phishing attack

How to spot a phishing attack is increasing important as a phishing attack is one of the most used techniques by malicious parties and information thieves in order to retrieve critical personal information from unaware users on the internet. These attacks are made through emails or websites designed to deceive the user and convince them that the email or website comes from a legit source.

The objective of a phishing attack is to make the user click a link, open a document, install a malicious program or give away their personal information (such as passwords or online banking data), and many people fall under these schemes because they don’t know how to identify false websites or emails. Keep reading to find five ways to spot a phishing attack. To prevent the malicious program outcome from phishing attacks check out our article – top 5 antivirus programs for 2018.

Check the URL at all times

If you’ve received an email that seems wrong, or are being asked for sensitive information, always check the URLs. First of all, make sure you’re on a secure, HTTPS connection: your web browser should tell you this. Also, check if the URL of the website you’re currently in (or any URL you receive through email) is from whoever tells you it is: for example, www.paypal.com is PayPal’s website URL, but if you are linked to wwwpaypal.com, that’s not a good sign.

Check for poorly written text

Another common characteristic of phishing attacks is that their messages are poorly written. Be wary of a seemingly official website with poor grammar, incoherent sentences, lack of punctuation sign and lack of legal notices. Most of the time, reputable websites and sources have faultless text and messages on their websites and emails, while phishers fail to copy these texts and write the messages themselves.

Be wary if they ask for personal information

A golden rule to recognize that something’s not right is that you are being asked for personal information. There’s no point on giving somebody else your password if you’re not signing into a website or actively using their services, and the same can be said of your credit card private information. Never send this kind of sensitive information through email if you’re being asked for it, and verify that you’re actually on the website you think you are before trying to log in.

Don’t fall for actions you didn’t start

You might have seen an ad or received an email telling you that you have “won the lottery” or “earned a free product”. This might sound attractive, but it’s actually a widely popular phishing method. The key to avoiding falling for this kind of scam is to know not to trust any information that tells you you’ve “won” or achieved something you didn’t even do.

Confirm the identity if you suspect something’s not right

Finally, if you receive a suspicious message from someone you trust, like a family member or workmate, confirm with them if they actually sent it: it’s possible that they were a victim of identity theft, or a phishing attack, and malicious parties are using their email address and contacts to obtain more information.