History & Introduction:
It is important to know how to recognize phishing emails. Phishing is a deceptive technique used by cybercriminals to trick or lure individuals into providing personal or other sensitive information via electronic mail. The word “phishing” is derived from the word “fishing.” They use emails that seem to be from reputable sources as the “bait”, and then expect to cash a “fish” which in this case can be passwords and credentials or even currency.
The ‘ph’ was used instead of ‘f’ because around 1970s, there was a technique called phone phreaking that criminals used to attack telecommunication lines. These hackers were referred to as phreak, a word created by John Draper AKA Captain Crunch. The actual computer phishing started around the mid-1990s. Some of the first attacks occurred on the America Online (AOL) servers, where hackers generated fake credit card number to open AOL accounts through a system call AOHell. These accounts were then used to spam other members and tricked them into giving sensitive information by posing as AOL employees. Since then, phishing has become more sophisticated and complex.
Recognize Phishing Emails – The Bait
Cybercriminals will first choose a company or some type of institution that they can use as bait in order to draw in their targets. Once a bait is set and their target is chosen, they design the perfect email to send to these targets. To earn trust, hackers use logos of well-known and trusted company in these emails. They obtain the information from their victims two ways; the first one is by asking the target to reply back with the information.
Second, hackers design a website that is identical to a familiar company website. This is why knowing how to identify legitimate hyperlinks is important. In order to reduce the risks of falling victim to this type of attack, it is critical that a person remains alert and be able recognize a phishing email using the indicators provided below. The image below show an example of a phishing email follow by explanations for each highlighted section.
- Hacker tends to mask their identity with names closely similar to a reputable source. Therefore, verifying the sender’s address is important. A hacker could attempt to steal a student’s identity by sending an email from this email address; bfo@outreach.qsu.edu. At a quick glance it may not be noticeable that it says QSU and not P Sometimes they may mask their email information to say something specific. This is why it is important to analyze the sender.
- There is a 90% chance that there will be a type of call to action. This is used to trigger a quick reaction from the victim. These call to action range from; unusual emergency that requires immediate attention, some type of upsetting email that plays into what a person is passionate about, request for donation/charity, and sometimes straight forward information sharing. For instance, a bogus email will be received with the subject line “Your Classes Will Be Drop Due To Past Due Fees.” Or it can say “New PSU Fees – Must Be Paid ASAP.” A student would immediately open it and attempt to resolve it. This is why these techniques must be understood in order to recognize them.
- Though not foolproof, the salutation is another indicator to detect a phishing email. Hackers use a generic salutation in order to send mass fraudulent email. In order to make the email more generic and applicable to all targets, hackers don’t have a name associated with the salutation. Most legitimate companies will include their customer name on the salutation line. This is a good indication to keep in mind.
- The next indication of a phishing email is grammatical errors. Looking at the line at #4, the word ‘infraction’ is misspelled as “infarction”. This is a common thing with phishing emails. Most of hackers don’t take the time to review for grammatical error. It is, however, possible that a well crafted and targeted phishing email may be grammatically error free, but a victim may not be able to recognize it if only this process is followed by itself. Another aspect beside grammatical error that is imperative is inconsistency. The body of the email may contain words or information that is not familiar or unrelated.
- Hackers are using hyperlinks to take their victim to a fictitious lending page. Although, a fake website URL can be spotted right away; other times it is not as sample as on the image above. Sometimes hackers mask the URL so that potential victim cannot see them. If clicked, it goes to a fictitious website that looks legitimate. By hovering over the link the true identity of the URL can be revealed. Sometimes it may be revealed in a bubble or at the bottom of the window as seeing below.
- Every so often, hackers will use a backdoor call malware in order to obtain information. They attach these types of malware as an attachment to an email. Once the attachment is clicked on, it is downloaded onto the device. Even having a robust virus protection such as, McAfee or Norton does not mean that these suspicious attachments should be clicked on. Some malicious malware are powerful enough to override protections.
Phishing attacks can be carried out using numerous techniques that direct individual to fictitious websites that they have personally created to look like a legitimate company websites. These attacks are not always broad, they can also be specific. Some are used to steal information, while others are used for collecting fraudulent payments. Being able to recognize the different signs are keys to being safe from these deceitful attacks. Always avoid providing sensitive information through unknown or suspicious emails. Also, avoid clicking on hyperlink but instead type in the company or institution website directly.
Other Interesting posts: