What is phishing and how to spot it

Phishing is a type of spam content that pretends to be from a legitimate source. Normally the content tries to spoof a popular brand or a brand that you've purchased products from online.

they cast a wide net...

...hoping for a few victims out of thousands or even millions of emails sent.

These attacks have become more and more common and they're lures are trickier to spot. They're after sensitive and personal information but they're also looking for a way into your device and network.

We have a 3 step system for checking if an email is spam and is phishing for my click.

I use all 3 steps to determine the legitimacy of an email. Each step on it's own means nothing because all 3 areas that I check can be spoofed. There will always be more and more sophisticated ways of spoofing so the best method is common sense. Don't click that link, access the company's website by using Google or another search engine like Bing or duckduckgo.

1. What email address is the message coming from?

If it's from a corporation, and most modern phishing scams pretend to be, the email address will be from a domain related to the brand. For example: support@microsoft.com or noreply@apple.com. This is fairly easy for a hacker to change so this on it's own doesn't make an email legitimate.

2. Does the message's content make sense and sound logical?

Often you'll find typo's and mistakes in fake content. Read the entire message and see if you can spot any discrepancies - they can often be quite obvious.

3. What are the URLs the message is trying to take you to?

When you hover your cursor over the links in the message the URL they would take you to is shown. This such an easy way to spot a scam and it's harder for the hackers to fake.

Phishing is the most common type of computer related attack

Learning how to spot this type of content is increasingly more important as it becomes better at pretending to be something they are not.