Learn To Spot Phishing Attacks
Phishing is when you receive an email (or text message or phone call) that looks like it is from a legitimate service, but is actually a fake. Phishing is such a big problem that it was responsible for the majority of hacks in 2020.
For example, almost all iCloud account compromises are the result of phishing attacks. The victim receives an email that looks like it is from Apple and requests some kind of action, usually handing over their password, sending money or clicking a bad link.
Often a phishing email will take you to a fake login site that looks exactly like the iCloud login page, and entering your password there hands it to the hackers. Recent phishing emails can be used to bypass second-factor authentication, so it really comes down to being vigilant and identifying phishing emails as fakes.
Spot the fake:
- We promise to do an in-depth phishing article in the future, but this just isn’t the place for it. The first line of defense against phishing attacks is to always be skeptical. Verify the source as legitimate whenever possible, and if ever in doubt, just ignore the email, text message or phone call.
- Most phishing emails are low-effort cons, with broken English, misspellings, and blurry or poorly aligned logos and images. Ignore anything that looks sus. If an email is legitimate and you do business with the sender, then they will already have alternate methods to contact you.
- Look at the sender’s actual email address. Is it actually email@example.com or is that just what your email client is being tricked into displaying? You should click or tap on the sender’s name so that it shows you their actual “sent from” address. Remember that firstname.lastname@example.org is not actually from apple.com at all.
- Hover over any links in an email, and always be suspicious if anything doesn’t look right. Learn how to test a suspicious link without following it.
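
The last two checks (the real "sent from" address, and where a link really goes) can also be automated. The following is an added example, not part of the original article: it flags a display name that names a different domain than the sending address, and links whose visible text shows a different host than their target. The sample message, its domains, and the function names are constructed for illustration, and the host matching is a simple heuristic.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample, not a real message; every name and domain is made up.
SAMPLE = '''From: "Apple Support <support@apple.com>" <billing@apple-id-check.example>
Subject: Your account is locked
Content-Type: text/html

<p>Sign in: <a href="https://login.apple-id-check.example/">https://www.apple.com/signin</a></p>
<p><a href="https://www.apple.com/legal/">Terms</a></p>
'''
HOST_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}")  # heuristic host matcher (lowercase input)

def related(a, b):
    """Same host, or one is a subdomain of the other (a simplification)."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def sender_mismatch(from_header):
    """(claimed, real) hosts when the display name names another domain, else None."""
    name, addr = parseaddr((from_header or "").lower())
    real = addr.rpartition("@")[2]
    claimed = [h for h in HOST_RE.findall(name) if not related(h, real)]
    return (claimed[0], real) if claimed else None

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_message(raw):
    """Return (sender finding, [link findings]) for a raw single-part HTML message."""
    msg = message_from_string(raw)
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    shown = [(HOST_RE.search(t.lower()), urlparse(h).hostname or "") for h, t in collector.links]
    links = [(m.group(0), real) for m, real in shown if m and not related(m.group(0), real)]
    return sender_mismatch(msg["From"]), links
```

Calling `check_message(SAMPLE)` reports both the spoofed display name and the first link; the "Terms" link is not flagged because its text shows no host.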