9 min read

1. Scammers Are Everywhere

There are a number of different ways to identify phishing scams. Consumers can regard it as a phish, or they can use anti-phishing tools to help protect them from phishing attacks and attempts. Consumer Reports shares the five secret ways to stop identity theft, beginning with how to create an e-mail account and ending with how to minimize your losses if your personal information is exposed to a phishing attack. United States Computer Emergency Readiness Team shared an information paper (IP) providing a number of awareness tips to help Internet users avoid online scams. A site such as PhishTank, which is a community site that lets users submit, track, and share phishing data, serves as a great resource to check the validity of online activity.Phishing scam is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim. According to the 2013 Microsoft Computing Safety Index, released in 2014, the annual worldwide impact of phishing could be as high as US$5 billion.

2. Recognizing Phishing Emails

Phishing emails are commonly sent with the hope that the recipient will believe the message and reply. This is the action that the senders expect. It does not essentially imply that replying will cause a problem. It can also be very difficult to differentiate phishing emails from legitimate ones, and they tend to appear pretty convincing. For example, if a webmail service provider sends a message regarding expiring account storage, it's difficult to differentiate this from a phishing email which can be of a similar nature. Phishing emails nearly always have a sense of urgency, stating that your account will shut down, or that you simply need to verify account details, and they will almost always request personal information. It's essential to grasp that no legitimate company will request personal information via email, and if they do happen to do so, you should verify who they are by calling them. Legitimate companies have no reason to ask for personal information as they should already have it on record. Typically, they will only request personal information if you are making the first contact with them and it's a requirement to verify your identity.

2.1. Suspicious Sender Names

This is by far the easiest method for recognizing a phishing scam. After all, the site's URL or name may look very close to the real thing - but the email address must be visually inspected. The sole goal of phishers is to get you to read their email and visit their site. They usually will not spend too much time or effort in trying to look like an authentic entity. So while John Doe at john_doe@bigbank.com.co might look regular to some, those with a keen eye will be able to tell that it, in fact, is not a legitimate business email from a professional. It is not always easy to identify a suspicious email address, so a little knowledge of Email Header Analysis can help. Bear in mind that a phisher may use a fake send address to try and fool you, but you can usually view the true sender's address by looking at the email header. Information on how to view this can be found with your email service provider.

2.2. Unusual Requests for Personal Information

The phisher will be looking to steal any information that will lead to identity theft. This includes social security numbers, maiden names, and other information common for use in security questions. Identity theft is a very serious crime in most countries, and is often used by the phisher to open credit accounts in your name, and leaving you stuck with the bill. This is why it is extremely important to never give out sensitive information in an email no matter who the sender claims to be. Always confirm the legitimacy of the email with the organization.URL manipulation is another common tactic used. Even if you do not click on a link in the email, you can hover the mouse pointer over the link to see the actual URL that it will take you to (this appears at the bottom of most browsers). In the example below, we can see that the link will not take us to PayPal, but will instead take us to a URL housed in the .ru domain. Keep in mind that sometimes the link provided in the email may look perfectly valid. Phishers have been known to construct false URLs that look very similar to the legitimate ones. Always manually type in the URL into the browser and login from there to ensure that you are accessing the real web site.This is the most crucial information that you have to heed to because it touches on the most widely recognized feature of a phishing scam. Phishers will often use tricks to get you to divulge highly sensitive information. The easiest way to do this is by portraying an urgent matter concerning your account at a financial institution. The email will request you to update your information, and it will even provide a convenient link to the official looking web site. In the example below, we see an email that was received concerning an account suspension.

2.3. Poor Grammar and Spelling

One of the most commonly noticed details in phishing emails is their poor use of grammar and spelling. If you receive an email from a source you find suspicious, be sure to read it in detail. Many times a phishing email will be riddled with spelling errors. While the absence of errors does not confirm the email's legitimacy, the presence of them is a clear warning sign. Because many phishers operate from countries or regions where English is not the first language, their grasp of the language may be tenuous. This is shown in their written communication. Many of the more skillful phishers will copy the style and format of a legitimate email from the company it is supposed to be from. It may even have the company's logo. In this case, the presence of spelling errors is still suspicious, but obviously much less so. If you have any suspicion at all about an email's legitimacy, it is best to contact the company directly. An example of an email that would likely be phishing can be seen below.

3. Identifying Phishing Links

Phishing links are used to dupe unsuspecting people into visiting malicious and fraudulent websites. They are usually disguised as links to legitimate websites. Phishers have become quite sophisticated at making their links look convincing. A recent example was the use of "http;//www.microsoft.com@". This link will appear to be an address to [Link] but will actually send the user to To avoid this sort of trick, you should always hover over a link to see its true location. Both Microsoft Internet Explorer and Mozilla Firefox will display the linked address in the status bar at the bottom of the browser window. In the above example, hovering over the link would have revealed the true address and the user could have avoided visiting the malicious site. Phishers will often create false security indicators to make a website appear legitimate to the inquisitive user. Always check the address bar to be sure you are still on the same site and have not been redirected. It is good practice to check the SSL certificate of a website. This will provide information on who has registered the site and who it was registered to. High assurance certificates provide the strongest SSL encryption available. Always be wary of any site with a low-grade certificate or with a certificate registered to a different company. If any details look suspicious, it is always a safer option to avoid the website and go through the legitimate organization. In summary, educating oneself on phishing techniques is the best prevention method. Always question email requests for personal information and be sure to verify the source. If in doubt, contact the organization for confirmation. More information can be found at websites such as [Link] In the unfortunate event of becoming a victim to a phishing scam, it is important to report the incident to the appropriate law officials and also to the organization being imitated. By following these preventative measures and with continued awareness of current phishing techniques, we can all do our part to reduce identity theft.

3.1. Hovering Over Links

Hovering over a link is probably the easiest action to perform, yet one of the most often neglected. Most phishing emails disguise links behind text that will take you to a different website than you'd expect. By hovering over the link with your mouse, most browsers will show the actual URL that the link refers to at the bottom of the browser window or in the status bar. This is the simplest way to see where the link is actually going. Make sure the URL matches the link in the email and the link that you'd expect to see. If the URL shown at the bottom of the browser window is different from the link in the email, there is a high chance that the link is a phish. This method is not always foolproof and can be disguised using JavaScript, but it is still an important step in checking the validity of a link.

3.2. Checking for HTTPS

When checking whether a website is legitimate or not, consider the beginning of the URL: it stands for Hypertext Transfer Protocol Secure and is used to indicate a secure website. Normally, to access the site the address would be http://www.'whateverthesite'.com. However, if the site is secure, it will have an extra letter 's' in the form of https://. If you are about to submit information that is personal or confidential, this is a good way to check how secure the site is. Remember there are no 100% guarantees that this method will identify a phishing website, but it is a start. The main thing that has been identified with this method is the risk associated with the sending of personal and confidential information, meaning this method is only effective for individuals using it when about to submit such information.

3.3. Analyzing URL Structure

Please take a look at the hyperlink offered and examine it. The RIP or Uniform Resource Identifier usually reveals quite a bit in regards to the authenticity of the web site or email it's coming from. An instance of a RIP is [Link] The http reveals that it is in truth an internet web page, and the [Link] is the handle of the server. Typically reliable web sites would require a web page with private info to be a safe connection. By a safe connection, the tackle would start with https quite than http. For instance, a financial institution or university may require a safe connection for any private info getting into or leaving its web site. An email will all the time have a hyperlink and also often tells you to go to a specific web site. In this case, the hyperlink is seen by merely hovering over the URL. This allows you to see the true web site you can be directed to. So in essence, the hyperlink is similar to clicking on a word doc and pressing Ctrl+K. With the hyperlink seen, you're going to get the RIP of the positioning. Keep in mind to look at the hyperlink rigorously. A very clever tactic of phishers is to imitate a well-known company's URL with a slight difference in the wording. For example, it won't be unusual to see an address on a phish for a site develop with [Link] in .au/survey/collecting data.htm. By carefully analyzing the hyperlink, you can determine if the web site is coming from a legitimate source.

3.4. Avoiding URL Shorteners

In an attempt to evade analysis by security professionals and researchers, many phishing schemes have begun using URL shortening services. These services take a long URL and provide a short link that redirects to the longer address. Though these services are useful and legitimate in many cases, the shortened URLs make it impossible to tell where the link goes without clicking on it. Because of this, it is best to simply avoid clicking on a shortened URL. Instead, if the link was sent to you in an email, directly contact the sender to ask where the link goes. If you frequently receive shortened URLs in emails, there are several websites that will allow you to enter the shortened URL and will display the longer version. URL shortening is not exclusive to email phishing, and many social networking sites automatically shorten links that are posted. If you are unsure about a link sent to you on a social networking site, remember to use the preview link function often provided by the site to see where the link is going before you click on it.

4. Spotting Fake Websites

4.4. Missing Secure Connection Indicators It is never a wise idea to enter sensitive information into a website not using a secure connection. If the page where you enter you login or credit card information does not start with https:// then it probably is a phishing site. However this is not a definite indicator so a look for a secure connection icon on the page and in the case of online transactions make sure the electronic transaction is taking place on a secure connection.4.3. Lack of Contact Information Phishing sites do not usually have any contact information. A company would like their customers to be able to contact them if there are any problems with the service. If there is no contact information then an alarm should be ringing in your head.4.2. Suspicious URLs or Domain Names Look out for strange domain names or sub-domain names. For example a good paypal URL would be [Link] Any URL with a different top-level domain is a definite phishing site. An example would be [Link] Another example would be [Link] This is also related to e-mail based phishes. If an e-mail is telling you to click a link to login to your account and it is not on the real domain (for example [Link] then it is likely a phish.4.1. Inconsistent Branding and Design Many phishing websites have a similar look and feel to the actual website. However, when a company has a website it is usually maintained and updated frequently. Small companies may only update their site once a year, but larger companies usually update their site more often so a common look and feel is not always a reliable indicator.The look of a website can be deceiving. A phishing website may look very legitimate to your eye. However, your eye is not a web browser. Your eye does not view the HTML source of a web page. Your eye does not look at the URL in the address bar. It is easy for nearly anyone to copy a logo of an existing website and it is easy to copy the HTML and CSS from the actual site. This makes phishing sites very dangerous. There are several things you can do to check to see if the site you are visiting is a phishing site:

4.1. Inconsistent Branding and Design

Phishing is a method used to gain information through false pretenses. A website may look like a legitimate financial, government, or corporate site, except the personal information you enter is being used maliciously. For example, a person recently received an email that appeared to be from the California Franchise Tax Board. The email stated that there was an issue with a tax return, and if the issue was not taken care of, it could result in legal action. The email contained a link that took the person to a site that looked similar, if not identical, to the official California Franchise Tax Board website. The site asked for personal information and for a payment to resolve the tax return issue. This person realized that this was a phishing scam because he felt the email to be suspicious and he knew that there was no issue with his tax return. He also realized that the URL did not start with "https". These indications caused this person to further investigate the issue and the site before he found reason to believe that this was a phishing scam and a phony site. Phishing can occur for many different reasons, but the end result is usually to extort money or steal the person's identity. Phishing is a growing concern because it is an easy and effective way to obtain the keys to a person's identity or finances. An attacker is able to copy a page from the real site and host it on his own server, or he can simply link to the real site. This makes it possible to even trick someone that is visually checking the URL to ensure it is the correct page. With the advance of web technologies, it is getting harder to distinguish a real site from a phony one. The following are ways to determine if a site is legitimate:

4.2. Suspicious URLs or Domain Names

A legitimate website URL is very important in identifying the legitimacy of the website. Malicious entities will often try to pull off a phishing scam by using a URL that is similar to an official website URL. Often the URL will be similar to that of an official website for a financial institution, online payment processor, or a government website. The address may also have a valid looking DNS (i.e. the address of the link may resolve to the numeric IP of a server). Because spoofing URLs is a common practice among phishers, it is a good habit to hover the mouse over the link to examine the real destination. A tool to quickly check the safety of a link is the Web of Trust safe browsing tool (also available as a Firefox add-on). Many browsers also offer a feature to show the actual linked URL in the status bar. It is also important for users to recognize the beginning of the URL; sometimes a .com ending may actually be a country code top-level domain for a foreign country. For example, the website [Link] would have a domain of .com, however [Link] may have a domain of .cc, .ws, or another country code top-level domain. This is just one example of how phishers will attempt to make a URL look like that of an official website.

4.3. Lack of Contact Information

If you cannot find an email address, a web form, a phone number, or a mailing address, it is a good indication that the site is not legitimate. Often scam sites will have some contact information, but it will be false. For example, a food supplement scam site might provide a useless email address because they have no intention of providing customer support. They just want to take your money and leave no easy way for you to complain or get a refund. On the other hand, a phishing site will not provide any contact information at all because the last thing they want is to be detected or traced.Legitimate websites want us to get in touch with them, and as a result, will prominently display their contact information. This makes sense because they want to build customer confidence and loyalty. If they are selling something, they want you to buy. If they are providing information, they want you to return. They also want you to tell others about their site, so it stands to reason that they will make it easy for you to contact them.

4.4. Missing Secure Connection Indicators

Since phishing websites are only set up to steal your information, they will not have a secure connection on their site. Any site asking for your personal information that does not have a secure connection should be considered highly suspicious. Never give out personal information on any site if it is not secure. This is the most effective way to avoid phishing scams involving fake websites.Before entering any personal or credit card information on a website, it's essential to ensure that the site is secure. For Internet Explorer users, look at the lower right-hand corner of your browser window. If you see a picture of a lock that is closed, the website is secure. If the lock is open, that website is not secure. Another way to ensure the site is secure is to right-click anywhere on the page and select "Properties". If the URL begins with "https" rather than "http", the "s" stands for secure, and the web page is on a secure server. If the URL begins with "http", the page is not secure.A secure connection is established between two computers. It ensures that the data passed between them is kept private and safe from tampering. Web pages that are secure will keep the user's data safe and secure from hackers or identity thieves. When a page is not secure, it will be easier for a hacker to break into the page and take a user's personal information. Missing secure connection indicators are a very big hint that you may be on a phishing website.