Blog Post
Interesting and Relevant Articles on Cyber Safety
What Is Phishing?
Phishing is one of the most common types of social engineering and a relatively unsophisticated form of cyberattack. Phishing attacks, often carried out through email, involve hackers impersonating legitimate individuals or organizations, such as banking institutions or governmental agencies. In such attacks, the hacker asks the user to provide some piece of private information.
Many phishing attacks urge users to act quickly in order to rectify a problem that has arisen.Other phishing attacks might claim the user has won a cash prize or claim to be collecting charitable donations in the aftermath of a natural disaster. Others will try to elicit information or donations that somehow relate to current events, such as elections, or might involve any number of other scenarios. But no matter the set-up in the phishing attempt, the hacker’s objective is the same: to manipulate the user into taking some particular action or providing some crucial piece of personal information.
Although phishing attacks are serious cybersafety threats, they are usually easy to spot for a user who is informed. The Cybersecurity and Infrastructure Security Agency of the US Department of Homeland Security provides a list of common characteristics of phishing emails that make them easy to identify, including:
- a sender’s address that is similar to that of an actual organization but that has been altered slightly.
- generic greetings––such as Dear Loyal Customer––that don’t address the user by name in the way that a legitimate organization usually will.
- a signature block without any of the organization’s contact information.
- links whose written address does not match the address that appears when the user hovers over the link.
- errors and inconsistencies in grammar, spelling, formatting, and sentence structure that would otherwise be seen and corrected by a reputable organization’s proofreading team
- attachments that were not solicited by the user and that the email urges the user to open as soon as possible.