1 minute read
Safe Environment Tips: Understanding “Phishing”
It is time to talk about “phishing” again, and its entry into texting as well as email. Parishioners need to be diligent to avoid falling prey to these scams. This information was provided by KnowBe4, Spiceworks, and the IT Governance Blog. We thank them for sharing.
Phishing (pronounced “fishing”) is the practice of distributing and publishing e-mail messages — and now text messages — to steal people’s data and infect their devices with malware. Most phishing attacks are sent by email, but now texting is infected too.
Advertisement
How to spot a phishing email or text:
Look at the sender’s email address or texting phone number, as this can help identify if the person is truly who they claim to be. Use of a public email address such as gmail.com or an area from other unknown parts of the world is a giveaway.
If you receive an unexpected email or text from someone you do not know asking you to open an attachment, do not open it. As a general rule, if you are not expecting such an email or text, do not open it until you have verified the sender.
Phishing texts or emails often ask recipients to verify personal information or create a sense of urgency about being in urgent need of financial help. These are warning signs. If unsure, contact the person using the contact details you already have for them. Never use any contact details or click any links provided in the email.
Phishing texts or emails may ask you to click a link within the email. By hovering your mouse over the link or address, you can see the linked site’s true URL. These URLs can be slightly misspelled or completely different from what you are expecting.
You can often detect a phishing text or email by the way it is written. The writing style might be different from that what is usually used by the sender, and it might contain spelling mistakes and poor grammar.
Despite our attempts to technologically mitigate these annoying emails and texts, they will still get through regularly, and when that happens, the only thing preventing a breach is your ability to detect their fraudulent nature and respond appropriately.
