Blog

8 min read

Contributors
Full name
Cyber Collective Staff
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Follow Us
Research Abstract:
Published on
August 13, 2024

What is Phishing? (And How to Spot a Phish)

Learn what phishing is, how to spot phishing attempts, and where to report these scams to protect yourself and others from cyber criminals.

Phishing is a type of online scam where cyber criminals who pretend to be legitimate organizations reach out to people via email, text, or other means in order to steal personal (and sensitive!) information.

These messages often mimic the language a trusted company would use, such as your bank or an insurance company, to get you to enter passwords or credit card information.

If you’ve been scammed before, you’re not alone. According to statistics, more than 100 billion phishing scam emails are sent per day exceeding over $1 billion in cyber theft!

Dangers of Phishing

Phishing attacks come in many forms for a specific purpose. They’re used not only to steal your credit card information (although this is a common one) but can also be used to target a company or compromise an entire network using malware (aka malicious software).

Risks associated with phishing for personal information include:

  • Stealing funds directly from your bank
  • Identity theft
  • Hacking into your accounts and fake social posts
  • Loss of access to important files

Risks associated with targeting an entire organization include:

  • Theft of corporate funds
  • Compromising a company’s reputation
  • Gathering of sensitive information about employees who work at the company

How To Spot a Phish

Unfortunately, phishing software is becoming more and more sophisticated (and sneaky AF) in both tactics and in evading detection. That’s why it’s super critical to be able to identify a phish right away!

Here are some ways to detect a phishing scam:

Bad Spelling & Grammar

It’s common that a phish will use poor grammar, typos, or incorrect punctuation. Keep this in mind when reading a message from a “company” that most likely has a team of employees who would normally check for these kinds of errors.

Generic Email Domain

Credible institutions will always have the name of the org in their email address. So if you’re getting messages from a random Gmail or yahoo address, that’s a huge red flag!

It's also worth checking with important service providers what their method of contact is, as some don't even send emails let alone texts.

Asking for Personal Information

Any message asking for your sensitive or personal information should make you raise an eyebrow.

Ever gotten a text from the “IRS” asking for your social security number? If so, it’s not surprising. What’s also surprising is that the IRS would ever text you for this information in the first place. Because they wouldn’t!

Sense of Urgency

There's typically a sense of urgency associated with phishing scams that strategically play into the human psyche.

The message might ask you to “act now, or else…” using a fear-tactic. For example, you could get an email from an “insurance company” saying that you’re late on your payment, and if you don’t pay within 24 hours, there will be legal consequences.

Likewise, pity or greed is used to coerce people into revealing personal information. This can happen on social media or platforms like craigslist. For instance, you could get a message that someone is in dire need of your help or else they will suffer, and thus they need your private info. Don’t fall for it.

Suspicious Attachment or Hyperlink

It’s common that a phishing scam will ask you to click a hyperlink or open an attachment. This might link to a replicated site made to trick you into entering your info or clicking to download (most likely malware that will infect your entire network).

You can check this by hovering over the destination URL which should bring a pop-up preview. See if this matches what’s in the email. Also, be cautious about clicking on links that are abbreviated or use strange characters. When in doubt, don’t click anything!

Takeaways

There are plenty of phish in the sea scamming their way around. It’s becoming increasingly difficult to spot or detect phishing scams, so be sure to stay alert to the red flags and keep your personal information and that of your company safe!

Don't forget to save this post & share this with others to help them be more vigilant!

More Resources

Subscribe to receive our monthly newsletter & exciting announcements!
By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
© 2023 Cyber Collective. All rights reserved. Site credits: The Process AutomatorRR Digital Media