What is Email “Phishing”?

You’ve heard the term, but do you know what it means?  “Phishing” sounds like something you would do on a pretty summer day, but it’s not fun and could cost you money, a lot of time, a huge headache, and the loss of your identity!

Think about “fishing”.  You go to a body of water with plenty of fish.  You get out your fishing rod and put bait on the hook.  Then you cast your line, hook, and bait into the water to wait for a bite.

Phishing is the same concept, but not nearly as peaceful.  You are the “fish”.  The criminal is the fisherman.

If they have your email address (and there’s many ways they can get it), they are very creative in the emails they send to you.  They can pose as a bank, a business that is demanding payment, or someone you know.   They use what information they have about you and if they only have your email address, they will make guesses as to what will get you to click a link or open an attachment.

First rule when checking email: Do NOT open attachments unless you are expecting it and you are positive that the person sending it is trustworthy and not accidentally sending you a virus. 

If you open an attachment, you could be installing a virus or malware onto your computer!  That’s also really easy way for you to get ransomware (here’s a post about that particular nasty thing).

Second rule when checking email: Don’t click links inside the email unless you absolutely know the sender is who you think they are and you trust them.

Once a scammer can get you to click the link, the website you arrive at can look very legitimate.  Make sure you always check the web address bar to make sure you are at the right website.  Look for the green lock icon on the far left that indicates it’s a secure connection.   Check the web address.  For instance: A legitimate link to Paypal is https://www.paypal.com  but if someone is trying to make you think it’s Paypal, it might look like this: www.paypal.creepywebsiteaddresshere.com (not a real link, don’t go there).

The bottom line is criminals are very good at impersonating legitimate companies to try to get your login information or details about you. 

Here is some further reading about phishing if you are interested in keeping yourself protected because YOU are the only one that can ultimately protect yourself against phishing.  Everyone makes mistakes, though, so it’s best to keep on alert for the signs.

Webroot Antivirus:
What Do Email Phishing Scams Do? Best Practices for Protecting Your Information
What is a Phishing Email and How Do I Spot the Scam?
FTC Consumer Information:
How to Recognize and Avoid Phishing Scams