Phishing attacks aren’t new. In fact, we’ve heard about them for years – but that doesn’t mean they’re any less prevalent than they were when they first cropped up in the mid-90s. Actually, this year especially has seen a sharp rise in phishing scams, thanks in part to the stay at home orders given at the onset of the coronavirus pandemic.
Earlier this year, when the lockdowns were in full swing, Google’s Threat Analysis Group reported that they blocked 18 million COVID-19 themed malware and phishing emails per day and ID Experts reported a 50% increase in the number of their members being targeted by phishing scams. With the threat of a second lockdown looming, I thought it would be best to chat with a digital privacy expert about how to spot (and avoid!) a phishing attack.
I recruited Ray Walsh, a Digital Privacy Expert at ProPrivacy to give some of his best tips for avoiding such scams. But, first, it might be a good idea to tell you what a phishing attack actually is.
Phishing is essentially the attempt to fraudulently retrieve someone’s personal information (like banking details, passwords, and login information, etc.) usually with a financial goal in mind. Phishers usually pose as trustworthy sources, like your bank provider or PayPal or a social media platform. Their initial goal is to have you click on a link which will send you to a fake site almost identical to the one they’re impersonating and have you give away your personal info, you know, like we do all day on the internet.
“Phishing attacks usually leverage cleverly devised scripts designed to weigh on your emotions – be that excitement or fear,” explains Walsh. “So, if you receive an email or text that makes you want to follow a link or click on a download, this could mean that you are being victimized.”
You want to be wary all the time, to be honest. Although many email providers have anti-phishing features, it’s easy to get lured in, especially if it’s through a text message. Here’s what you should look out for: