Cybercrime is ever increasing.
In this article we’re looking at phishing and pharming, which are email techniques hackers employ to:
- Harvest your login credentials to popular websites,
- Get you to send money to the scammers,
- Get you to download malware onto your machine,
- Expose your personal data.
In 2018, phishing alone accounted for nearly one-third of all data breaches (Credit: TheSSLStore.com).
Here’s what you can do to improve your effectiveness at spotting scam emails and also what to do if you’ve interacted with them.
But before we go forward…
What are phishing and pharming?
Phishing is used by cyber criminals to acquire your personal information by sending emails and other messages that are tricked out to look like legitimate ones (e.g. from Amazon). The email will try to entice you into clicking on a link to a spoofed website or downloading an attachment. Typically, the spoofed websites sit on domains with addresses similar to the legitimate company’s; for example, a hacker trying to mimic amazon.co.uk might register the domain ‘amzon.co.uk’.
Pharming is like phishing, but instead of sending users to fake websites on domains that differ from the legitimate company’s, hackers use DNS hacking and access to send users to the fake website even when the website address is correct.
Our 3 Top Tips To Keep You Safe:
- Check the identity of the email sender. Don’t just look at the name, inspect the email address and pay close attention to the content after the ‘@’ symbol.
- Take your time reading the email. Check for spelling mistakes; emails from large, legitimate companies won’t contain spelling errors. Also, see whether the email addresses you personally, which it usually should.
- Don’t open any attachments from senders you are not familiar with, or attachments you are not expecting. They are almost bound to contain malware (malicious software). Double check with the company by calling them.
If in doubt, raise the email with your IT support provider or the actual company, but don’t just hit reply to the email address; call them up or use another trusted email account of theirs.
What To Do If You Have Interacted With A Scam Email
This depends on the extent to which you’ve interacted with the sender or email. Here are three likely scenarios.
- If you have paid money out (e.g. paid a fake invoice), contact your bank immediately. Most mainstream banks have a specialist team to help you through this situation.
- If you have downloaded a suspicious attachment, perform an antivirus scan and speak to an IT specialist; we’d be happy to recommend one.
- If you have entered your credentials into a ‘fake’ website that’s tricked out to look like the real thing, change your password on the actual website and contact their support team to alert them to this.
Unfortunately, even with the best anti-spam software in place, the odd email may still get through, so be vigilant and stay safe.