Strategies for PHISHING Protection
Protect Your Online Accounts and Your Computer
Avoiding Hacking Attempts
See How to Avoid Being Caught by Phishing
Especially in these challenging times, we have to be vigilant against PHISHING Attacks.
Email Phishing scams are created by tech-savvy con artists and identity theft hackers.
What is Phishing?
Phishing is usually carried out using email. (Although phishing scams have now spread to social media, messaging services and apps.)
The goal of a basic phishing attack is to trick the target into doing what the scammer wants.
• That might be giving access to passwords to make it easier to hack a company.
• Or giving access to passwords to make it easier to hack an account.
• Altering bank details so that payments go to the scammers.
• The aim and the precise mechanics of phishing scams vary.
The Mechanics of Phishing
Victims are usually tricked into a clicking a link to a fake website page.
The aim is to persuade the user to enter personal and/or login information. It is estimated that an average of 1.4 million of these fraudulent websites are created every month.
The Good News: Phishers can only find you if you respond.
Google is a common company for phishing attackers to impersonate. Chase, Dropbox, PayPal and Facebook are all popular personas used for phishing emails. Attackers have also claimed to be from Apple, Yahoo, Wells Fargo, Citi and Adobe; or almost any bank or software company.
Always, always watch for emails that, while appear to be legitimate, are malicious and capture personal information.
But How to Know if it is really Phishing?
Phishing email messages are designed with branding to resemble businesses you recognize. Or, phishing attempts could replicate email messages of an individual or small business that you know.
Phishing scams often lure you with spam email and instant messages requesting you to “verify your account” or “confirm your billing address”. However users are taken to what is actually a malicious website.
Be very cautious. Phishers can only find you if you click on a link or respond.
Phishing is a deceptive attempt to get you to click on a link or respond to an email. The act of clicking on the link in the message or responding to that message provides the bad guys access to often identity-specific information. This includes usernames, passwords, credit card numbers and more.
In your strategy to stay safe online, closely examine the email address. When you hover over an email address with the mouse – the email may closely resemble either an individual you know and have exchanged email messages.
Or the email address could be impersonating an organization (bank or other business) you do business with or recognize.
How to Avoid Being Caught by Phishing
How do you implement a strategy of avoiding phishing?
I always begin my email message analysis in the upper-left corner of the email and work clockwise.
Using this technique, you will see the following information (in most cases):
1) The email address of the Sender,
2) The message receipt date and time, and,
3) The email Subject.
Step 1: Examine the Email Sender Address
👉 In viewing the sender’s email address, look closely at each letter in the email address!
You do this by hovering (not clicking) your mouse over the email address.
👉 Purveyors of malicious messages cannot use the actual company email.
Real Email Address Format Example: sendersname@realcompanyname.com.
👉 The company name may be in front of the “@” (the “at” sign) and a cryptic name after the “@.”
Fake Email Address Format: wellsfargo@wellsfargocustomerservice.com.
👉 You will catch most malware senders here.
👉 Be diligent in looking at each character in the sender’s email address.
👉 Consider: Is it odd, rare, or disquieting that a family member would email you? Check the sender’s email address – EVERY character in the email address.
👉 An example I can cite: Receiving an email from a sister-in-law who always corresponds with me via Facebook or texts.
Why is she sending email now? And finally, is it really her?
👉 Another red flag: Is the email subject unusual; or something outside any interest of yours?
Step 2: Examine Message Contents
👉 After checking the email address “to the letter,” you need to examine the context of the email message.
👉 Is the sender asking for assistance or a response? If either a response to the message – or assistance is requested – DO NOT CLICK ON THE SUPPLIED LINK!!
👉 Anytime you click on a link, notice the destination…where did clicking on that link take you?
Look up in the address bar at the website address.
👉 Unless you are intentionally navigating to a website and expect to land on a fillable form – NEVER supply personal information on a website (including logins).
👉 In General: Do Not Click on Links in any Email.
Exception: If you know the email sender and are expecting an email with links.
Even Then: Carefully follow the procedure in Step 1, above.
Reference
FTC, Federal Trade Commission: How to Recognize and Avoid Phishing Scams
Knowing is Half the Battle
In the G.I. Joe: A Real American Hero cartoon series (1983-1986) – every episode concluded with a G.I. Joe character saying: “Knowing Is Half the Battle.”
To stay safe and effectively use the internet – having knowledge is everything.
In my technology classes, I show students to implement strategies to be safer online. And how to be on the look-out for malicious content, often referred to as “malware”.
Knowing what to look for is one of the most powerful strategies in your digital tool-box for a safer online experience.
Help the mature adult close to you learn and master technology!
Need Info on Classes or Internet Coaching?
See more information at Why M.A.T.T.? and About Us.
See Reviews from our students.
Your Personal TECH Trainer – Daphne Lee, M.Ed.
“From MAC to Windows to iPhone, iPad and social media –
I guide mature adults and seniors to the best (and most efficient!) use of everyday tech tools.”
Daphne Lee is an energetic technical trainer who has successfully developed and taught technical training classes and various training(s) for the past 15 years. She has taught corporate staff, professionals, the under-employed and seniors. A certified IT professional, Daphne trains in all areas of computers and smart phones. Her training classes range from computer operating systems to software applications to smart phones and more.
Daphne now engages retired and mature adult students in learning new tech. She makes learning new software and applications easy and fun for mature adults!
See our articles on Thinking Systematically about internet use; Updating iPhone Skills and more – on our News page.
“This has been the most fun I’ve ever had learning computer use!” – Mature Adults Tech Training Student
Daphne Lee, M.Ed. – Professional Senior Adults Tech Trainer
IT Professional
Daphne Lee’s current technical certifications include: MCSE, MCSA, MOS, CNA, Network+ (Retired), and A+ (Retired).
Daphne has a Master of Science in Instructional Design degree at Boise State University.
“With a M.S. in Organizational Performance and Workplace Learning, I have refined my training skills, as well as developed skills in instructional design, workplace performance improvement, and performance consulting.
While at Boise State University, I also earned a graduate certificate in Workplace e-Learning and Performance Support (WELPs). I developed e-learning and blended learning projects to address workplace performance interventions.
“My goal is to increase computer and smart phone use and enjoyment through the effective use of technology tools.
Learning best use and tech shortcuts can be fun – and expands your world!” – Daphne Lee
M.A.T.T. Students Say –
Questions? We Have Answers!
Contact Mature Adults Tech Training