Email phishing is form of scam or email spam that uses social engineering and a little exploitation of software into tricking users to provide sensitive information voluntarily. It is an attempt to steal information by crafting authentic-looking messages coming from trust-worthy sites or organization.

Email Phishing - Social Engineering

Social engineering is a form of trickery where a person attempts to gain the trust of another person and later manipulate him or her to get the needed information. Only when a certain degree of trust has been established, the phisher will proceed and try to ask the needed information.

In email phishing, the needed degree of trust is usually gained by creating an authentic-looking message coming from a trustworthy website or organization, like financial institutions, service providers, government agencies, and even social networking sites.

A phishing email typically contains a notice about a certain issue that needs immediate action from the user receiving it. Often, it also has some sort of threat or a consequence when no action is done; that action is what leads to the user providing the information that the phisher wants to obtain.

How Email Phishing Works

Email phishing is a form of email spam or unsolicited email. In spite of anti-spam measures, some spam still manages to get through. It masquerades itself as a message coming from a trustworthy source. One can be fooled easily because the message often looks like the real thing, complete with logos and signatures, though further examination will prove otherwise. (Tips on how to get rid of Email Spam.)

The body of the message attempts to build a scenario that needs immediate action. Some of the most common messages say that the account needs verification, activation or something similar. It either requests the user to either reply with the information being asked or click the link provided in the message and enter the requested information there.

At the end of the message, it usually a warning that if no action is done, there is a resulting negative consequence like the user’s account getting deleted or deactivated.

Dangers of Email Phishing

Needless to say, email phishing is a very serious security threat to privacy, and if successful, will lead to identity theft. The problem is that there is little awareness of this serious problem. Since phishing scams may sometimes look very authentic, it all boils down to the practice of safe use of the Internet.

Once sensitive information is successfully stolen by a phisher, there are many things that can be done with that stolen identity. A phisher may assume the identity of that person and use it to sign-up or purchase items, deny the person access to his own account, and even obtain additional personal information.

How To Prevent Email Phishing

It is quite a challenge to spot a phishing email, so it is better that you be very critical when it comes to emails that ask for personal information. Of course there are really legitimate notices from companies, so you can’t just ignore them all.

However, there are signs or clues that the message is a phishing attempt. Here are some of them:

• Asks for log-in information (user name and password) or other personal information.
• The message contains grammatical errors.
• Contains a suspicious link to a supposedly “authentic” log-in page.

When you see a message that has any of these clues, simply ignore it and delete it. Official notices never ask their users to give out any personal information. If you are asked to log into a website, do not follow the link provided in the message. Instead, manually type in the real address on your Internet browser and log in from there. Phishers use malformed links to trick users into thinking that they are logging in the real site, but instead end up getting their personal information stolen. For more information regarding this article, read how to detect phishing scams.

[Sign up for our News Letter and Specials HERE]

Be the first to comment on this article