Skip to main content
WNYRIC Main Office
Erie 1 BOCES
355 Harlem Road
West Seneca, NY 14224

Our Offices
BOCES We Serve

WNYRIC on Facebook
Technology Solutions
Don’t get caught phishing without a pole

Supporting imageAs usage becomes greater by the day, so does being scammed. Hackers are just looking for ways to steal your personal information – whether at home or at work. 

According to Get Cyber Safe, there are a 156 million phishing emails a day being sent out world-wide, of which 80,000 emails are typically opened. Cyber criminals start their phishing journey by sending out millions of emails that ask the recipient to click a link or provide information.  

The user is just opening the emails and clicking on the links without really knowing why. People tend to just scroll through emails without really noticing what they are – or what they contain. It’s a big problem in society – which we will get to later.Decorative image

After everything is opened up and clicked, 80,000 people, who clicked the link are netted by the baited website. Their information results in stolen identities, financial loss, credit card scams and other internet scams.

In the fast paced life that we live in, people sometimes just don’t know what to look for when being phished. Criminals have been creative in their ways of disguising corrupted emails – so people will click on them. 

Here are some things to look for next time you see an email that you might not recognize.

Don’t trust the display name

A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Return Path analyzed more than 760,000 email threats targeting 40 of the world’s largest brands and found that nearly half of all email threats spoofed the brand in the display name. 

Even though you may get an email from your bank, don’t trust the display name. Check the email address in the header from—if looks suspicious, don’t open the email.

Look but don’t click

Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new window and type in website address directly rather than clicking on the link from unsolicited emails.

Protecting against malware

How do I make sure my computer or network is malware-free?

The answer has a couple parts: personal vigilance and protective tools. One of the most popular ways to spread malware is through email, which may be disguised to look as if it is from a familiar company such as a bank or a personal email from a friend.

Be aware of emails that ask you to provide passwords, or emails that seem to be from friends – but have only a message such as “check out this cool website” followed by a link.

Personal vigilance is the first layer of protection against malware, but simply being careful is not enough. Because business security is not perfect, even downloads from legitimate sites can sometimes have malware attached. So, even the most prudent user is at risk, unless you take additional measures.

Check for spelling errors

Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Analyze the situation

Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Don’t give up personal information

Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.

Beware of urgent or threating language in the subject line

Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”

Review the signature

Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.

Don’t click on attachments

Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Don’t trust the header from email addresses

Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address. Emails with forged addresses may appear to be from your bank or another legitimate business.

They’ll often ask you for sensitive information such as your credit card information or social security number, perhaps after clicking a link that leads to a phishing site designed to look like a legitimate website.

Think of an email’s “From” field as the digital equivalent of the return address printed on envelopes you receive in the mail. Generally, people put an accurate return address on mail. However, anyone can write anything they like in the return address field – the postal service doesn’t verify that a letter is actually from the return address printed on it.

Don’t believe everything you see

Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

At the end of the day, these all aren’t sure fire ways to help you not get phished. Criminals are getting smarter with the technology they have every day – and they will soon find more creative ways to get to the people they are targeting.

One of the best ways to not get scammed is just not to open the email. If it looks phishy it probably is.





< Back  |  View All Articles