Dictionary.com http://www.dictionary.com/browse/phishing?s=t defines the term phish as a verb (used without object) as follows:
“to try to obtain financial or other confidential information from Internet users, typically by sending an email that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake website that replicates the real one.”
Along with ransomware, there are numerous security threats and ways that hackers try to get your info or your money. Phishing is one such method and as with most things, practice makes perfect and hackers have been practicing for quite a while now.
There are a few indicators of a phishing attempt but to be honest, most people are too busy to investigate and end up too far down the road before realizing they have been a victim of a phishing attack.
The most common way to be attacked is to have a spoofed email address which looks like a valid email that you are used to and may even incorporated a valid email signature as well. If you look closely enough, you may see certain differences but you may not as some things can’t be seen. Imagine and email domain being @email.com but you get a phishing email from @emaiI.com with the difference being that the “l” is actually a capital “i” but you can’t tell that given the font used.
Nothing is off limits and morals don’t come into the equation when discussing hacking attempts. Another example of this type of hack happened recently when a Calgary minor hockey association was targeted and it all seemed legitimate to the people involved. As a result, a huge amount of money was lost and procedures are now being investigated and will be improved upon to avoid this in the future.
One should always take care when opening a link and if you are unsure, don’t open it and simply delete it. One way to identify a phishing attempt is to hover over the link to see the url address that you will go to if you click. If those don’t match, chances are that this isn’t what it appears.
You should also take care when people are asking for personal information via email as that is typically against the procedures of legitimate businesses.
At GAM Tech, we always work to prevent such attacks and prepare you for them should you be hit. We provide knowledge and training on what to do, more hints to verify them and we stay current on what hackers are up to so that you have the best chances to avoid an attack.
Published By: Adrian Ghira on February 27th, 2017