What is a Phishing Scheme?

What is a phishing scheme?Phishing is the attempt to acquire sensitive information my masquerading as a trustworthy entity in an electronic communication.  It can also be considered cybercrime.

Have you ever received an email from a bank, paypal, or another entity that asks you to update your information?  Chances are, its a phishing scheme.  The email looks exactly like it came from the entity, including the logo and important information pertinent to that entity.  It may take a sharp eye to recognize it.  Hackers and thieves are after you.

Phishing is a continual threat that keeps growing to this day. The risk grows even larger in social media such as Facebook, Twitter, Myspace etc. Hackers commonly use these sites to attack persons using these media sites in their workplace, homes, or public in order to take personal and security information that can affect the user and the company (if in a workplace environment). Phishing is used to portray trust in the user since you can usually not tell that the site or program being visited/ used is not real, and when this occurs is when the hacker has the chance to access the personal information such as passwords, usernames, security codes, and credit card numbers, personal health information among other things.  There are various types of phishing techniques.  A few examples are link manipulation, filter evasion, and website forgery.

How to recognize a phishing scheme

1.  Spelling and bad grammar – Cyber-criminals are not known for their grammar and spelling.  Professional organizations and companies usually have a staff of copy editors that will not allow a mass email to go out that is not grammatically perfect.

2.  Links in emails – If you see a link in an email, do not click it.  Hover your mouse over the link to see if the address matches the link that was typed in the message.  Chances are, the link will reveal the real web address, that is usually a string of cryptic numbers that look nothing like the companies website.

3.  Lastly, if ever in doubt, pick up the phone and call the entity to verify the email.

Additional read:  5 steps for keeping hackers out of your PC.