Cybercriminals Use Simple Emails to Steal Your Money
Note: We may earn a commission from products or services when you click on a link and make a purchase.
A Phishing email is a seemingly ordinary email a cybercriminal sends to you with hopes of tricking you into taking action. The phishing email will contain links to harmful websites, malware downloads, or email attachments that can take over your computer. Exceptionally bold attackers will even try to get you to call them so they can talk you out of your money and your passwords.
Most phishing emails try to scare you into taking action quickly without thinking about it or scrutinizing the contents of the email.
Phishing emails can be engineered to look like they were sent from someone you know. Often, they appear to be sent from a business that you’re familiar with. Most people have heard of PayPal, eBay Amazon, Citibank, American Express and thousands of other major companies. They are household names.
Cybercriminals send fraudulent emails that impersonate a company name that everyone recognizes. That way they increase the odds that you’ll open the email and follow the instructions inside.
Instructions usually include clicking on the link or opening an email attachment. Both of these actions can result in your identity and money getting stolen.
Your computer may also be taken over by malware or ransomware. It could be used to attack your friends too.
Hackers use malware to infect your computer and then steal all the banking and credit card logins store it on your computer. Computers, tablets, or phones could be infected with malware, and you might not even know it.
See our free guide on signs that your computer is infected or if your phone is running slowly.
Another tactic is to infect your computer with ransomware and then demand payment to release control.
That means when a hacker sends out a phishing email, they can use a fake sending email address that may appear to come from PayPal – on closer inspection you’ll see that it doesn’t.
What are social engineering attacks?
Social engineering is when an attacker uses information that is publicly available in another online scheme. For example, they might get your email address from your employer’s website or from your LinkedIn profile. Cyber criminals will scrape Facebook for information about your hometown, school, and your friends’ names. They use this information to send phishing emails to tens of thousands of people at once.
This is called social engineering.
Social engineering is commonly used to gather information used in phishing email attacks.
Guard Against Phishing Attacks
The more familiar a phishing email seems to the recipient the more likely they are to follow the instructions in the email. Taking just a few moments to scrutinize the contents of the email and the actual sender’s email address are some of your best defenses against phishing attacks.
- Always scrutinize every email you open.
- Never click on a link in an email that you were not expecting. For example, if you receive an email asking you to reset your password NEVER trust it. Instead, go to the company’s website directly using a web browser and reset your password from there.
- Never download an email attachment that seems suspicious. you weren’t expecting an email from someone call them and ask if they sent it
- Use a reliable antivirus app to protect your phones, laptops, and computers from phishing emails and malware attacks.
- When in doubt take no action!
- Call the email sender to see if they actually sent the email or ask if there’s a problem