A spoofed email message is often the cornerstone of any well-executed phishing scam. From the earliest days of phishing, fraudulent email messages have been used to catch Internet users unawares. Phishing attacks picked up steam during the heyday of AOL. Instant messages and email messages were used to carry out those attacks. Although many things have changed, many others have remained the same. To this very day, major online entities like PayPal and eBay have to grapple with the problem of email phishing. Several online banks have been targeted as well. Learn more about how email phishing works, what it looks like and how avoid falling victim to it below.
What is Email Phishing?
Email phishing refers to the act of creating and sending fraudulent or spoofed emails with the goal of obtaining sensitive financial and personal information. Under such schemes, emails are designed to look exactly like the ones that are sent by legitimate companies. Sophisticated phishing attacks use the email addresses of people who are registered to use certain services. When those people receive emails that are supposed to be from those companies, they are more likely to trust them. Spoofed emails often contain links that lead to spoofed websites, where various methods are used to request and collect a person’s financial and personal information. Forms are occasionally contained within the emails themselves too.
Why Email Phishing Works
Considering how long email phishing has been used, it may seem odd that it continues to work. It isn’t because people are foolish; it is because these emails are very well done. Phishers know precisely how to design spoofed emails to look like their legitimate counterparts. By throwing in some urgent language, phishers dramatically increase their odds of success. Busy people scan such emails, trust them and click on their links because they look almost exactly like the real thing. One wrong click can lead to a world of hurt.
Signs of Email Phishing
There are many signs of a phishing email. The first thing that you should look at is the greeting. Does it use your actual name, or does it have a generic greeting? Look closely at the email’s header. What is the sender’s email address? These addresses are usually carefully designed to look authentic. By taking a very close look at them, though, you can usually see inconsistencies and things that don’t make sense. If possible, compare the sender’s email address to that of previous messages from the same company. If it’s a phishing email, you will notice things that don’t add up.
Examples of Successful Email Phishing
Many successful email phishing attacks have been carried out in the past, which is why they continue to be used to this day. Prominent examples include eBay phishing scams and PayPal phishing scams. Both companies were prime targets of email phishing campaigns in the past. eBay and PayPal users receive messages that look legitimate. The messages typically urge them to verify their account information or to update their credit card numbers. People often fall for these ruses because they are afraid of losing access to these important services. Both companies now offer extensive information on ways to avoid such phishing scams on their websites.
There is no simple way to completely avoid email phishing attacks. Sooner or later, someone is bound to send you a spoofed email. The easiest way to avoid these scams is by never clicking on links that are included in email messages. Make it a policy to always type in the URL of the site that you need to access manually. Upon arriving on the site, you will be able to confirm whether or not the message that you received was legitimate. If it’s a spoofed email, find out where to send it – most companies like to know about the scams that are going on out there.
Related Phishing.org articles: