CyberSecurity Education: What is Phishing?

Every so often we revisit the topic of Phishing – which is defined as:

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim.

Well that’s all well and good, but basically a phishing email is one that attempts to trick you into giving out information, usually by clicking on a link in a faked email.

Phishing emails can be easy to spot if you know what to look for – but to the unwary, they will often look exactly like an email from your bank, credit card, paypal, email provider or other company you do business with.

Look carefully at the ‘from’ email address:

Many time the email address will be completely faked, so it might look like it comes from your bank, or it can be something similar, but poorly thought out phishing email (of which there are many) – will have obviously faked ‘from’ email addresses:

Phishing emails will sometimes have very obviously faked 'from' addresses.

Phishing emails will sometimes have very obviously faked ‘from’ addresses.

Look very carefully at links in your emails – when you mouse over them, the real link will often show (it does in Outlook and most web browsers) – check that link to make sure it is the correct destination.

Notice that the email in the body of the email and the actual destination are NOT the same!

Notice that the email in the body of the email and the actual destination are NOT the same!

Now we do NOT recommend that you click on links which you suspect are not real – primarily because most phishing website have some kind of hidden ransomware component on them these days. But if you had clicked on a phishing link, the browser address will almost certainly NOT be what you expect it to be:

Note that the website you see can be a very convincing copy of the site you expect - but the address is wrong!

Note that the website you see can be a very convincing copy of the site you expect – but the address is wrong!

So – steps to take:

  1. look at email from addresses carefully, mouse over them if in doubt
  2. move your mouse over the links and check them very carefully
  3. if in doubt – do NOT click links – it’s better safe, than sorry!
  4. visit the website and TYPE the address into the address bar
  5. finally – call the bank or credit card company yourself and ask if they emailed you


Ready for the right solutions?

It’s time to offload your technology troubles and security stress.

"*" indicates required fields