Is it the sense of familiarity, the intriguing subject line or just being in auto-pilot that compels you to click?
Phishing is a method often used by hackers and cyber attackers to steal your credentials and sensitive personal information, or to infect your system with undetectable malicious software. A phishing email claims to be from a reputable source – however it's designed, its job is to convince you to click on a link within the email, or to open an included attachment. Often the email will use emotions, such as urgency, a deadline, curiosity, fear, or greed, to convince you to open the malicious attachment or click on the link.
Examples of these include scenarios where the email claims you’ve got a speeding ticket or an ATO taxation fine or refund, that you've received an unexpected invoice or resume, or that you have missed a parcel delivery. Curious? That’s exactly the emotional trigger they try to use to make you click on the link or open the attachment!
If you do fall for it, you may end up with malicious software installed on your device (including your Mac). This is very bad news, as the malicious software lurks in the background doing something evil. It could be software that enables the attackers to covertly connect directly to your system, to encrypt all of your files and hold them to ransom, or steal your credentials which they then use as part of a bigger scam or attack.
The fake messages, with a call to action that lures you in, use clever psychological tricks.
That’s what makes it so difficult to protect yourself against phishing. You know not to click links in shady emails. You know to think twice before clicking any link in any email. (Right?)
The same goes for downloading attachments and putting your personal information or login credentials into any form that you have any reason not to trust. And yet, phishers can just needle you forever, waiting for that one moment when you finally slip up. If you do, you instantly subject yourself to any number of unfortunate consequences, whether it’s identity theft, fraud, or malware that runs rampant on your device.
Follow these three rules to keep from getting hooked.
Look at the apparently authentic email below, and see how easy it is to tell that it’s a simple phishing attack, designed to get you to click on a nefarious link.
Below are some real-life examples of phishing scams.