Phishing Attacks
Phishing is a widespread fraud method with the purpose of catching passwords, credit card details and other valuable or sensitive information. A typical phishing attack may come in the form of a fake email from your bank. Supposedly, someone has been using your credit card, and the bank needs you to confirm some information.
Phishing attacks are getting more and more advanced. Gone are the days where the culprits were teenage boys. Today, the attacks are orchestrated by professional players: hostile states or organised criminals with astute skills in technology and behaviourism.
Avoiding the Bait
The criminals deliberately try to take advantage of your fear and your trust in established, recognised organisations. The words and commands they use are not accidental, but cleverly designed to make us act before we think.
Keep in mind that situations where you enter sensitive information, usernames or passwords should be instigated by yourself and no one else. Legitimate organisations do not contact you by email or text messages in such cases.
If you have the slightest shadow of a doubt, call the apparent source for example, the bank that appear to have emailed you.
Emails with Attachments
Criminals may also send e-mails with attachments. If that attachment is of a malicious nature, by opening it we would be activating the virus or malware hidden within. These types of attachments are usually identified and blocked by your email security protection before they are delivered to your inbox. To get around this, criminals will instead craft a genuine looking email with a 'safe' attachment. Examples are invoices, candidate CV's or delivery notes. There is no imbedded code in these attachments and opening them cause no harm. However, the content of the attachment could contain links to phishing or malicious websites.
Be very suspicious before clicking any hyperlinks inside a PDF, Word or Excel document received on email. Also, be suspicious before scanning QR codes on your mobile phone as it is impossible to determine the target website by just looking at it.