Phishing email messages are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information from your computer.
Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretences. They might email you, call you on the phone, or convince you to download something from a website.
For instance, a message like the one shown below looks like a legitimate email, but on a closer look it is not.
This email was received by Compliance Council this morning at one of our publicly available email addresses.
So how can one differentiate between a legitimate email and a phishing email?
Step 1: Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organisations usually have a staff of copy editors that will not allow a mass email like this to go out to their users. If you notice mistakes in an email, it might be a scam. But in some cases, cybercriminals can create an excellent email message like the one shown above.
Step 2: Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's web address. You can verify the domain information through the www.whois.com website.
Step 3: Threats. Have you ever received a threat that your account would be closed if you didn't respond to an email message? Cybercriminals often use threats to play with human psychology.
Step 4: Spoofing popular websites or companies. Cybercriminals use graphics in email that appear to be connected to legitimate websites but take you to phoney scam sites or legitimate-looking pop-up windows.
If you suspect that you've responded and/or clicked on the link, downloaded the file, opened the file and executed the contents, take these steps to minimise any damage and protect your identity:
Methods for raising information security awareness don't always have to be boring. Our favourite resources are the ones provided by Phisme. They have produced a series of posters based on popular TV shows such as House of Cards: