Phishing Still Phools Us With Realistic Looking Messages
December 21, 2018
Where did all this spam come from? You may ask yourself that question a lot. Well, it comes from many people, some not with the best of intentions. In fact, spam accounts for 48.16% of the email traffic worldwide, per Statista. So how do we avoid clicking on something that hands an attacker a successful phish? That’s a great and very important question that everyone should ask, especially when it is so incredibly difficult to determine whether a message is real or not.
There are clues, however, that can give it away if you pay attention.
Setting Expectations. If you are not expecting an email, or a link in a message, it should throw up all kinds of red flags. Now, we realize that sometimes a family member or friend cannot help but send you a link to a funny cat video they know you’ll love, and that may be OK. However, they should preface it with a note or something to help you feel confident that’s really what it is. If it’s just forwarded with no personalized message, give them a call or send them a completely new email message to ask if it’s legit. Don’t reply to the message. Cybercriminals have become very adept at making sure they tick all the boxes when they are crafting messages. They even set up their very own support centers to take calls, and they put the phone numbers and email addresses for those centers in the email messages.
Look for typos. Yes, they often still do make those types of mistakes, as well as grammatical errors. If you see them, that email should go directly into the trash.
Read the email messages. Use eagle eyes. This is ESPECIALLY true if it’s coming from your financial institution or another important organization telling you to be aware of something. For example, a very realistic one went around recently pretending to be Chase Bank, claiming that a payment had been scheduled. Of course, it was designed to try to get recipients to panic and click a link. Just don’t. Stop. Breathe. You always have that much time. No email is THAT critical. Log into your account directly using your app or a browser with a bookmarked link, or call the institution to get to the bottom of it. It’s likely that if you do that, you’ll find out very quickly that the email was phishing, and you should delete it immediately.
Do you have an account with them? This last one may seem silly, but it has actually fooled people. If you don’t have an account with the sender that is letting you know you have an account problem, you can assume right away that it’s phishing. Yes, I know you’re shaking your head in disbelief and thinking “who would fall for a Netflix scam when they don’t have a Netflix account?” Well, people. That’s who. It’s because the crafting of these phishing messages has become so darn good. Yes, sometimes we have a lot of credit cards and may forget one we don’t use, for example, but it’s important to know what accounts you do have. This goes even if your significant other is in charge of managing them. So if you don’t have a Chase account…well, you know what not to do.