Phishing email messages and online portals are designed to steal people's money. Cyber thieves design these messages and websites in order to steal your personal information or install malicious software on your computer. Most of these messages come from an unofficial From address, link to a fake website, and often demand urgent action from you.

Phishing emails are more rampant than ever before, and some cyber thieves have mastered the art of making the email look legitimate. An email with convincing brand logos, language, and a seemingly valid email address is not necessarily legitimate.

On average, I receive about 3 - 4 phishing emails (per month) from cyber thieves posing as a Nigerian banking institution. I usually report the email as spam. Sometimes, I send the sender a nasty email response. Today, I received an email from another cyber thief posing as GTB, so I decided to write this post. There are numerous ways to detect a phishing scam/email, but here are some important tips...

What is a phishing scam?

A phishing scam is an attempt by scammers to trick you into giving out personal information such as your bank account numbers, passwords and credit card numbers.

What does a phishing email look like?

Here is an example of what a phishing email looks like.


Do not trust the header or display name - A common tactic used by phishers is to spoof the display name and header. They use graphics connected to the legitimate website. Some also use a web address similar to that of a popular company, but slightly altered. Always check the FROM address to make sure it's legitimate. The address in this screenshot is not legitimate, as you can see. The cyber thief in this screenshot used GTB's email as his/her name. But, the email then shows No institution will send business emails from a personal email address.


Beware of malicious attachments - Do not click on any attachment in the email; the attachments often contain viruses that will damage your computer.

Beware of hyperlinks - Hover but don't click - Rest your mouse (but do not click) on the link to see if the web address matches the link that was typed in the message. In the example below, the link reveals the real web address, as shown in the box with the yellow background.

Beware of threatening language - The messages often invoke a sense of urgency. Have you ever received a message that your account has been suspended or that your account would be closed/charged if you do not respond?

Beware of spelling errors & bad grammar - Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

This post was written on March 10, 2017.
