Don’t Get Hooked by Phishing Scams

Have you ever wondered how cyber criminals install malware on your computer?  I’m going to show you and give you three tips to keep it from happening to you.  I’m John Sileo and this is Sileo on Security.

This particular hacking technique is called phishing, and it’s where cybercriminals send you fake emails that look like they’re from a legitimate business – your bank, PayPal or even a recently breached company like Anthem or Target.

Phishing has gotten a whole lot better over the years. You can no longer tell it from spelling mistakes, bad grammar or bad logos. It’s much more exact; the emails look exactly like the legitimate emails. And phishing has morphed into spear phishing. This is where criminals know a little something about you, maybe from a previous breach, and they can highly target you for these really malicious attacks.

So here are three quick tips to keep phishing from infecting your computer and stealing your data.

  1. First of all, I want you to mistrust every link in an email unless you know who it is coming from and you were expecting that link. Oftentimes they’re collecting your personal information when you click on that link, or downloading malware onto your system. A lot of times there will be a link in the email that looks almost exactly like the legitimate link. So if the link takes you to a place where it’s asking for your money or for your information, just ignore it.
  2. The next thing you can do if you’re suspicious about a link in an email is type the URL directly into the address bar of your browser to make sure it takes you to the legitimate website.  This will keep you from landing on a phishing website where they’re going to try to siphon off your data or cash.
  3. Finally, I want to show you the hover technique.  This is an incredibly powerful way to see if you’re going to the real site or the site of the cyber criminals.   So in your email I want you to hover over the link and it’s going to pop up a window that shows you exactly where you’re actually going to.  When you look more closely at that link it looks like you’re going to the right place, but if you read from right to left instead of left to right (from the slash backward to the .ru or the .com) and your expectation of where you think you’re going doesn’t match where you’re actually going, that’s the first signal that you’re going to a malicious website.  It’s really important to know that when you hover over that link in that email it’s not going to pop up that window immediately.  You need to be patient and wait for it to bring that up.  Don’t click on the link in the meantime and it will show you if you’re going to the good website or the bad.
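
The hover check from tip 3, automated over an HTML email body, as an added example that is not part of the original transcript. The function names, the sample email and its reserved `.example`/`.test` domains are constructed for illustration, and keeping only the last two host labels is a simplification (suffixes such as `co.uk` need the Public Suffix List).

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


def site_of(url):
    """Read the host right to left and keep the last two labels.
    Simplification: multi-part suffixes need the Public Suffix List."""
    if "//" not in url:
        url = "//" + url  # let urlsplit treat bare "bank.example/x" as a host
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    return ".".join(host.split(".")[-2:])


class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> in an HTML email body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def suspicious_links(html, expected_site):
    """Return web links whose real destination is not the expected site."""
    collector = LinkCollector()
    collector.feed(html)
    return [(text, href, site_of(href)) for text, href in collector.links
            if href.lower().startswith(("http://", "https://"))
            and site_of(href) != expected_site]


# Constructed sample email body; both domains use reserved TLDs.
SAMPLE = """
<p>Your account is locked. <a href="http://bank.example.account-verify.test/login">
https://www.bank.example/login</a></p>
<p><a href="https://www.bank.example/help">Help center</a></p>
"""

if __name__ == "__main__":
    for text, href, site in suspicious_links(SAMPLE, "bank.example"):
        print(f"shown: {text}\ngoes to: {href}\nreal site: {site}")
```

The first link displays the bank's address but its host, read from the slash backward, ends in `account-verify.test`, so it is the only one reported.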

Here’s your One Minute Mission.  Head to your spam folder; it is full of phishing emails. I want you to hover over some of those links and I want you to start to detect the difference between the good ones and the bad ones.  By practicing the hover technique now you are getting in the habit of detecting those phishing emails when they don’t get caught by your spam software.

With these three tips, you have some basic knowledge of how hackers use emails to steal your private information.

For Sileo On Security, I’m John Sileo.  We’ll see you next time.

John Sileo is an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.