It’s urgent! It’s from a well-known organisation! Act now!
It’s probably fake …
If you’re working for a large company, the odds are that you’ve received e-mails from the IT department, warning you of phishing attacks. The reason for such alerts could be that someone clicked on a link in an e-mail that tried to steal usernames, passwords or banking details, and the culprit highly likely used this person’s account to distribute even more phishing e-mails.
Verizon, a telecommunication company in the USA, found that it took more than half an hour (on average) for an employee to report a suspicious e-mail. Hence, during a mere thirty minutes, at least one person will already have taken the bait, statistically. Once on the hook, you will be reeled in and suffer the consequences.
The good news is that the key to avoiding a phishing attack could lie in language.
During the 12th International Conference on Semantic Computing in 2018, hosted by the Institute of Electrical and Electronics Engineers (IEEE), researchers have illustrated that, by analysing the language used in phishing e-mails, they could identify phishing attempts more accurately than cyber security company Netcraft’s leading anti-phishing program. One of the main clues identified by the researchers was that phishing e-mails almost always sounded urgent, containing statements such as “Change immediately” or “Submit in the next 24 hours”. Another red flag is the way in which the recipient is addressed – something generic or impersonal like “Dear customer” must activate alarm bells! Something else to ask yourself is: Are there any spelling errors? Often spelling and typographical mistakes are dead giveaways, pointing to questionable sources.
If linguistics is not your forte, hold on to the following:
- Verify that the e-mail and website addresses in the e-mail are irreproachable.
- Don’t click on any link in any e-mail – unless you know that the sender and link are trustworthy.
- Don’t respond to requests for personal or sensitive information. The age-old principle still prevails – if it sounds too good to be true, it probably is.
- Keep your passwords secret at all times, even if you think you can trust the source asking for your passwords.
Unfortunately it is a cyber jungle out there. Be alert at all times!
