Red Flags for Phishing Attacks
Verizon published some great tips on what to look for in potential phishing emails.
Phishing attacks fall into several categories including:
- Smishing, which is social engineering in text messages
- Vishing, which is social engineering via phone calls
- Spear phishing, which is targeted phishing attack against specific persons, such as the CEO or CFO
- And of course, there is the normal email phishing attacks
So how do you identify fake attempts to separate you from your information and your money? Here are some suggestions.
- Scare tactics and urgency – you get a phone call that tells you that if you don’t pay back some money now an arrest warrant will be issued for you. This one does both fear and urgency.
- Lookalike web or email addresses – the addresses look “similar” to real addresses but maybe there is a 1 instead of an I or a zero instead of an O. If you fall for that, it is open season.
- Suspicious attachments – any unsolicited attachment should be treated with skepticism. For example, (fake) bills for a renewal for an anti-virus subscription that you don’t have.
- Impersonal greetings or bad grammar – yes, we still see phishers, even with AI tools, using incorrect English.
Verizon has examples to peruse (assuming you don’t already get enough) as well as recommendations on what TO DO and what NOT TO DO.
Check out their tips here.