What does Phishing mean?
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
Hackers try to manipulate their targets to gain information about them or to steal credentials of specific systems by sending emails, sms or even by calling and disguising themselves.
What can the hackers achieve?
- Personal Information
- Credit card details 🤔
- Login information
How can the data be used?
Your data has value on the black market. It can be sold to criminals to identify patterns. They’ll be able to know where you live, what your financial status is, etc.
AND buy things on behalf of your name 😤
How can you recognise these emails? 👀
- The email is send globally, not just you. You’re sometimes put in the BCC
- The email has a lot of spelling mistakes
- You will be threatened with consequences if you do not take any action
- A lot of attachments
- The sender is from a unknown source ([email protected])
How to prevent these phishing attempts?
- Be aware of the different strategies of Phishing attacks
- Use spam filters. Google and Microsoft have already implemented build-in filters in your mail. Most of these emails will be flagged as “unsafe”
- Never fill in your personal information on a website that isn’t trusted
- Always check the email links, hover over them and inspect the link carefully
Examples from my inbox 😝
Anyone can receive these emails. It’s up to us to know how the hackers are doing it, what kind of strategies they are using to create and deploy these attacks and to always stay up-to-date.
Some other examples can be found here
A handy cheat sheet can be found here
Always keep an eye out for these attacks. It’s better to be safe than sorry.
Stay up-to-date with the latest news on this particular topic, because your information is too valuable.
Keep doing those security awareness sessions.
Thank you for reading, there’ll be more coming soon.