What is Phishing? How to detect phishing emails?
October 8, 2006
Ever received an email from eBay asking you to verify your account? Or from Yahoo Mail warning you to login otherwise your account will be suspended? How many times have you gotten a supposed Paypal email asking reactivation because your account has been hacked?
If you dismissed the email and simply deleted it, good for you. But if you opened it, clicked and accessed the link, and tried to login to the website, congratulations, you have just become a victim of an unfortunate phishing attempt!
Phishing (pronounced “fishing” as in “fishing for information”) is a type of deception designed to steal one’s personal data such as credit card numbers, passwords, account login information, etc.
The phishing email usually looks like an official letter from a trusted source, such as a bank, credit card company, payment processor, or online merchant. Phishing emails normally direct recipients to a fraudulent website where they are asked to provide personal information. This information is then used for identity theft.
How to check if an email is a phishing email
Here are some things to look for if you think an e-mail message is a phishing scam.
- Suspicious subject headings
Most phishing emails alert you that something is wrong with your account, and email subject headings are used to entice you to open the mail and follow instructions outlined in the email. Most phishing emails usually use any of the following subject headings.
- Account Alert
- Account Incident
- Account Issue
- Account Renew
- Account Review
- Account Suspended
- Avoid your xxxx suspension
- Check your account
- Confirm that you are the real owner of xxxx account
- Confirm your xxxx account
- IMPORTANT: Your xxxx account has now been suspended and may be terminated
- Notification of xxxx account update
- Notification of Unclaimed Parcel
- Password Change Required
- Protect your xxxx account
- Restore your account access
- Second (third) notification
- Steps to remove limitation
- The Security of your account
- Unauthorized access report
- Unauthorized account access
- Update your xxxx account
- Verify your xxxxx account
- Warning – Your email account will be closed
- Your account might be compromised
- You have successfully updated your password
- Your email requires verification
- Your profile has been updated
- Sense of urgency
Phishing emails usually use the line, “If you don’t respond within 24 hours, your account will be closed.” These messages convey a sense of urgency forcing you to respond immediately without thinking. They want you to quickly click and visit the link and access your account in the fake site.
- Spelling or grammar errors
A legitimate company would take time to proofread its email so that no spelling or grammar error appears in the email. Senders of phishing emails usually do not.
- Unspecified recipient
Phishing messages are usually sent out in bulk and often does not specify your first or last name. Normally the phishing email’s opening line is a generic “Dear Customer” or “Dear valued customer” greeting.
- Unknown or unfamiliar sender
Some senders of phishing mails are sloppy and does not attempt to change the sender’s original email address. That’s why you might receive a supposed PayPal warning from email@example.com or an email about your eBay account sent by firstname.lastname@example.org. Instinct should tell you that if you are to be contacted by these sites, they should be using their official email account.
- Masked URLs
Some phishing pros, however, take time to change these information to make it look like an official email from a trusted website. Most of the links in these emails are “masked,” that is, the link looks like a trusted site’s official link but the actual URL is different. In short, the link you see does not take you to that address but somewhere different, usually a phony site.
Examples of this technique are shown below. If you hover or rest your mouse pointer on the following links, a URL different from the URL you see will appear in the lower-left portion of your browser. (We do NOT encourage you to click the link and visit the linked sites!)
www.paypal.com (Looks like paypal.com but embedded URL is pavpal.com)
www.ebay.com (Looks like ebay.com but embedded URL is ebav.com)
How to protect yourself from phishing emails
Almost all legitimate companies would never ask you to provide your personal or account information. If you received an email supposedly sent by your bank, PayPal, eBay, or an online account, confirm with them first before clicking on any links on the email. Go to your account’s website (access it directly WITHOUT using any link on the email) and use the web site’s contact form. Copy and paste the email into the contact form and ask if they indeed sent the mail.
NEVER open any attachment in the email. It might contain an executable (.exe) file that will unleash a trojan or virus that will steal your data or hack your email accounts.
You can also copy parts of the email and search for it in Google. There you can see if other other sites have already given warning that the message you received is a phishing message.
Other related reading:
- Beware of the fake UnionBank website
- Phishing email: Your eBay account has been suspended
- Beware of these eBay scammers
- Other examples of phishing emails