in The Digital Public Square

You’re less incognito than you think.

Malicious apps, theft, spam, cyber stalking, censorship, surveillance.
There are no foolproof answers to risk online.
But there is advice to help.

I'm worried someone is trying to lure me with a fake email (phishing)

I'm worried someone is trying to lure me with a fake email (phishing)

Receiving messages asking you to click on a certain link, reply with private and sometimes confidential data or open an attachment, could also be a Phishing attack. Targeted attack messages – whereby the content is specifically tailored to be relevant to you are known as spear phishing. In the everyday humdrum of working life, reading dozens if not hundreds of emails per day, it is quite easy to mistakenly click on a link or open an attachment, without giving a second thought to the sender’s identity or intent. Targeted attacks (an email purportedly from your friend or your boss) are even harder to detect. Please review the How to avoid phishing attacks guide from the EFF.

Some of the bigger email providers like Gmail or Hotmail offer help to detect and report phishing attacks. The NetCraft tool can protect your web browser from accessing known websites used for phishing re-directions. Firefox users can also install additional add-ons to double-check a site’s validity before visiting it. In principle you should:

  • Never click on links in email messages directly (copy and paste them into the browser manually if you’re intent on opening it)
  • Never open an attachment unless you are sure of the sender’s identity and intent. Sometimes it’s better to reply to the sender in order to confirm the message before opening it

Google Chrome and the open source Chromium browser have built-in phishing protection. It may warn you in advance of opening up a known phishing site.

Not what you were looking for?

Try searching another term below: