In a nutshell, phishing is an attempt to convince people to enter their login details into a fake website that replicates another site, as a means of gaining this information for illegal use.
How does it work?
Phishing works in a few ways to get the same result.
- Example a. You receive an email advising you that your account will be locked out in a particular timeframe (often 24-72 hours) unless you access your account before that timeframe. Click this link to take you to the login page.
- Example b. You receive an email advising you that there have been multiple attempts to access your website and you need to log in to ensure everything is okay. Click this link to take you to your login page.
- Example c. You receive an email saying that you should have received a refund and that you need to provide details to access the money. Click this link to take you to your claim page.
In each of these examples, the email presents a problem and offers you the solution. In many cases the problem is chosen to target either someone’s greed or their sense of fear. Timeframes, illegal access, being locked out, money for nothing… these are all deliberate means of tempting someone into clicking a link. The link itself is then the real problem: it takes the person to a fraudulent website that looks like the site it claims to be.
What are some methods of identifying fake sites?
Look at the domain name in use (theage.com.au, google.com, ebay.com, optus.net.au are examples of domain names) to ensure you are on the correct page. Generally speaking, you need to keep an eye out for the real domain appearing in the middle of a fake address, because the part that actually counts is the domain at the end of the address, not the words in front of it. An example of this would be:
http://securityupdate.paypal.com.au.fakesite.com/
This is not a site I would recommend entering your details into, as the domain is actually fakesite.com, not paypal.com.
http://securityupdate.paypal.com/ – This would normally be an okay site to use.
The other thing to keep an eye on is the spelling of the domain name. A number of times you will see domains that look almost correct but have one or two small changes: double letters, numbers in place of letters (1 instead of I or l, 0 instead of O) or letters that look similar (I instead of l, vv instead of w).
- http://paypai.com – looks almost correct but not quite.
- http://paypaI.com – looks almost correct but again not quite (it’s a capital i instead of a lowercase L).
- http://paypa1.com – looks almost correct but not quite (use of a 1 instead of l).
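To make the two checks above concrete (which part of the address is the real domain, and whether that domain is a lookalike of the one you expect), here is a small Python checker. It is an added example written for this post, not code from the original article. It assumes a deliberately short list of two-label public suffixes such as com.au (a real tool would use the full Public Suffix List), folds the specific substitutions the post mentions (1, I and 0 for l and O, vv for w), and treats a one-character misspelling of the expected name as a lookalike. The URLs it is run against are the ones from this post plus a couple of constructed ones.

```python
from urllib.parse import urlsplit

# Simplified, assumed list of suffixes that take two labels (com.au, co.uk ...).
# Real tooling should use the full Public Suffix List instead.
TWO_LABEL_SUFFIXES = {"com.au", "net.au", "org.au", "co.uk"}

# The character swaps described in the post: 1 or I for l, 0 for O.
HOMOGLYPHS = str.maketrans({"1": "l", "I": "l", "0": "o"})


def hostname(url: str) -> str:
    """Extract the host from a URL while preserving letter case.
    urlsplit().hostname lowercases, which would hide the capital-I trick."""
    netloc = urlsplit(url).netloc
    netloc = netloc.rsplit("@", 1)[-1]      # drop any user:pass@ prefix
    return netloc.split(":", 1)[0].rstrip(".")  # drop :port and trailing dot


def registrable_domain(url: str) -> str:
    """Return the part of the host the site owner actually registered:
    the label before the public suffix plus the suffix itself.
    Everything to the left of it is chosen freely by whoever owns it."""
    labels = hostname(url).split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]).lower() in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def normalise(domain: str) -> str:
    """Fold lookalike characters so that paypa1.com and paypaI.com compare
    equal to paypal.com. Translate before lowercasing, since the capital-I
    substitution only exists while case is intact."""
    return domain.translate(HOMOGLYPHS).replace("vv", "w").lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a distance of 1 covers paypai / paypall style typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str, expected: str) -> str:
    """Compare the registrable domain of `url` against the domain you expect."""
    host = hostname(url)
    domain = registrable_domain(url)
    if domain.lower() == expected.lower():
        return "ok"
    if normalise(domain) == normalise(expected):
        return "lookalike (character substitution)"
    dom_label = domain.split(".", 1)[0].lower()
    exp_label = expected.split(".", 1)[0].lower()
    if edit_distance(dom_label, exp_label) <= 1:
        return "lookalike (misspelling)"
    if expected.lower() in host.lower():
        return "real name buried in a different domain"
    return "different domain"


if __name__ == "__main__":
    # Addresses from the post plus two constructed ones (paypall.com, example.com).
    for url in [
        "http://securityupdate.paypal.com/",
        "http://securityupdate.paypal.com.au.fakesite.com/",
        "http://paypai.com",
        "http://paypaI.com",
        "http://paypa1.com",
        "http://paypall.com",
        "http://example.com",
    ]:
        print(f"{url:55} -> {registrable_domain(url):15} {classify(url, 'paypal.com')}")
```

The classifier reads the address the way a browser does: the rightmost labels decide who owns the site, so securityupdate.paypal.com.au.fakesite.com resolves to fakesite.com no matter how much of the real name is stuffed in front of it. The lookalike test is a heuristic, so a one-letter distance will also match unrelated short names; it is meant to raise a flag for a second look, not to replace typing the known address yourself.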
What are some methods of avoiding fake sites?
The easiest way of avoiding a fake site is: don’t click on the link provided in the email! Type the address you know for the company into your address bar directly.
Other advice for avoiding phishing
There are some things to keep in mind when it comes to phishing; the main one is to remember that most of the time banks will not ask you to click a link to a page where they want you to log in. If you are uncertain whether a message is actually from the provider stated, calling them is always a good way to double check.
There are plenty of websites out there that will go into more detail about avoiding phishing than I can cover in this short piece. Read up about the various methods to help you minimise your risks as phishing has changed and evolved over time.
Lastly, if you ever think you might have accidentally provided your details during a phishing attack, let the provider know so they can keep an eye out for suspicious activity, and update your passwords as soon as possible!
Have you got any tips that help you identify phishing emails?