How you can protect yourself from intricate phishing attacks

September 8, 2020 1:36 PM

a crown icon and the words "rising voices award winner"
Person working on a laptop computer at their desk. Photo courtesy of Burst on Pexels.

Person working on a laptop computer at their desk. Photo courtesy of Burst on Pexels.

Ever open an email and can clearly tell it’s a scam? Ever go on a website where the prices are too good to the point of suspicion? Yeah, it’s happened to all of us. While some can tell if it’s a scam and can stay away, many others cannot. This is why phishing attacks have always been a real threat. According to Comparitech, phishing attacks have gotten a lot worse over the past 3 years. Scammers’ phishing attempts have also gotten better and more intricate.

Young kids on the internet and older folks who have trouble browsing the internet are some of the highest-risk targets for phishing attacks. The reality is that phishing attacks have gotten a lot more sophisticated, and unless you’re very careful, anyone could fall victim to an attack. 

For example, recent concerns about phishing election officials are rising. According to The Verge, less than 20 percent of election officials were using advanced phishing protection, and 666 out of the 10,000 used their personal emails for matters related to elections. This is concerning because their emails are more vulnerable to getting hacked. 

Phishing attacks are becoming more creative, and a new tactic of phishing has surfaced — completely copying the domain names and website URLs of the stores people shop from and marking the prices as much cheaper. This brings phishing to a new level as the only distinguishing factors are the URLs and the prices. This is why I propose the idea of labeling the websites people shop from to distinguish real websites from phishing websites.

A simple marker next to the padlock to the left of the URL of whatever website you’re on is enough. Web browsers such as Google Chrome and Microsoft Edge could email the owner of the website asking to verify that it's legit. That could be enough for parents to easily stop their kids from purchasing from phishing websites and for older generations who typically aren’t as experienced on the internet as younger generations to be able to tell real from fake.

For now, there aren’t any great distinguishing features, so here are some good ways to spot phishing emails and websites:

If emails ask for personal information, make sure it is someone you know and isn’t just a very similar or completely random email address. If there are any grammar or spelling mistakes, be wary as many official corporations or just people in general rarely make only one or two typos in an email. One last tip is to make sure that if there are any links, read the URL to make sure it is an official website. Instead of "www.apple.com," a phisher might put "info.apple.com" to make their scam look more official.

For websites, it might be a bit harder. Look at the URL and watch for any changes that don’t belong, like the Apple example. You should look out for the real website, payment methods like PayPal and grammar mistakes.

Overall phishing has grown stronger over the last few years, so make sure you use these methods to stay away from these scams until features to easily distinguish real from fake offers are made. Always check URLs, watch for grammar mistakes, and if it’s too good to be true, it probably isn’t.

Featured articles: