How to Identify a Spoofed Email

Malware is a real and growing threat in today’s digital age. With so much valuable information stored on our devices, it’s becoming more and more lucrative for hackers to gain access to sensitive data. Whether they sell it on the dark web, force you to pay a ransom to get it back or use details to commit crimes such as fraud, there are many reasons why a cybercriminal would want to your information.

To make matters more concerning, hackers are becoming smarter as technology advances, which makes it increasingly difficult to identify a threatening situation. One of the most common ways that cybercrime happens today is through a method called phishing.

What is Phishing?

This method of cyberattack uses deception to fool the victim into handing over their sensitive information. “Phish” is pronounced like “fish,” and this type of cyber-attack got its name from the analogy of a fisherman throwing a baited hook out at sea (i.e., the fraudulent email), hoping to get a bite. The term was coined in the mid 1990s when hackers on the AOL platforms tried to trick users into providing their information.

Hackers send an email disguised as someone legitimate, like a family member, boss at work or reputable company. As a result, the hacker aims to trick the email recipient with real looking requests – such as a form from their bank. This is one of the most widespread and pernicious attacks today.

How to Protect Yourself

Because phishing is such a convincing ruse, it can be difficult for users to identify the attack as malicious rather than legitimate. With this in mind, it’s a best practice to have anti-malware software installed in case you were to be targeted unknowingly. For example, keep your PC secured with software from Malwarebytes that will identify threats and prevent them from reaching you in the first place.

With that said, since these attacks become more and more sophisticated all of the time, there’s a chance they could reach you – even by text or social media. Did you know that there are 350,000 forms of malware are detected every day? Phishing can take all kinds of forms, and it’s good to know what to look out for.

If you receive a message asking you to disclosure sensitive information, here are some questions to consider:

  • Does the message ask you to provide personal data, like passwords, credit card details, your Social Insurance Number or something similar?
  • Are you being prompted to click a link or attachment that seems suspicious?
  • Is the message poorly written, with grammar and spelling mistakes?
  • Does the message create a sense of urgency for you to “act now?”
  • Are you being told there’s a problem with your account?

These are a few common phishing warning signs to be on the lookout for. If you’re unsure about a message, from the government or a family member for example, it’s always best to check with the source directly to confirm whether they truly sent the email. Phishing emails want to either trick you into clicking a link that will install malware, or they are looking to gain sensitive details directly. When in doubt, always err on the side of caution.