Better understanding the Threat of Phishing

Don’t expect a peaceful day on the water when it comes to Phishing. Ignoring the threat of phishing will leave you vulnerable to the terror and risk lurking in your very own email.

What is Phishing?

Even though phishing isn’t as fun as actual fishing, just as you get excited about catching a fish, a phisher gets excited by reeling in your valuable personal information (such as usernames, passwords and credit card information). Emails that seem to come from legitimate websites and trusted source like Amazon, eBay, or even what looks like your bank. The emails will most likely say you need to update your information due to it being out of date. Next, there will be a link they will provide for you to give your username and password in the email.  After you unknowingly make the horrible decision to click on the link, this is when they will start asking for phone numbers, full name, address, social security and even your credit card number. The sad thing is you may not even know how bad it is until it’s too late, due to how real the emails may seem and how you wouldn’t even think twice about updating your personal information. After you visit the malicious website, and trustingly put in your information, the phisher behind it all has the information to access your account.

Recognizing a Phishing email

Being able to recognize a phishing email is defiantly the first line of defense. The bad thing is a phisher does everything in their power to make you feel like the information your giving is going to a trusted source. The first step you should always do is to inspect the email address that sent you the email before even looking at the email content. At first glance, the phishing email may seem like it’s from a legitimate source but there a ways to see through it. For example, if you are being directed to eBay, then the last part of that domain should end in eBay.com. This means if you see that you are being redirected to https://cmm25.eBay.com you are going to a valid site but https://eBay.userlogin1234.com is a fake address. In addition, if a URL has an IP address rather than a domain name such as 34.22.111.387 you should defiantly categorize that email as a scam.

How to avoid phishing

You should first and foremost always be aware and inspect any email you decide to click on. Things to look out for that are easy to spot are if your name is wrong or any misspellings, or if the graphics seem off to you. If you notice any of these, you should delete the email immediately without a second thought. Another thing to avoid being scammed is if you do get an email from what seems like a trusted source, like your bank, about updating your information you should go to that site directly not through any link. That way you can login to what you know is trustworthy and from there if there are any notifications that your information needs to be updated you can do it from there safely. Last but not least one of the most significant things to help avoid phishing scams is to continue the pursuit of educating for you and all other employees. You need to always stay alert and focus on your safety against phishing emails because they are continuously improving, so you need to be knowledgeable about what to look for. Yes, there are extra steps you can take such as third parties solution providers, and software to help filter out the dangerous emails, but you and other employees are the first line of defense against phishing.