Have you ever received an email urging you to “verify your account”, sign an unexpected document, or promising a “free gift”? These could be (“could be” 😉 ) . Phishing attacks – deceptive tactics cybercriminals use to steal your personal information, will come to us all, and I just received a beauty.
Phishing attacks and scams can target anyone and with a bit of knowledge, you can easily protect yourself.
As far phishing attempts go this is a good one. The images used are of good quality, and in general the email visually looks convincing therefore it would be easy to get sucked in.
Let’s break it down.
1. The phishing attack email
At first glance, this email appears convincing. For someone like me, a non-native Finn whose mother tongue is English, this email could pose a significant risk. Moreover, its persuasive language makes it even more deceptive. Moreover, it employs persuasive language and is somewhat specific about its claims.
On closer inspection though, we can see that the sender email address, and reply-to email address are .. well.. very wrong.
The next red-flag in the email is that famous, “Do things now, before it gets worse!” trick.
Huomioithan, etta jos et noudata ohjeita 48 tunnin kuluessa, olemme valitettavasti pakotettuja ryhtymään lisätoimiin tilisi suojaamiseksi. Tämä voi sisaltaa tilisi valiaikaisen lukituksen.
Please note that if you do not follow the instructions within 48 hours, we will unfortunately be forced to take further action to protect your account. This may include the temporary blocking of your account.
2. The phishing attack’s attachment
If the previous red-flag wasn’t enough, no-one should be even thinking about clicking the button. Whilst the email, says that the attached document contains instructions, it is actually a link to website.
The button uses a fear tactic again, encouraging us to click the link, “Estä petokset” / “Prevent fraud”. However, hovering over the link reveals the destination address is nothing to do with the bank at all.
What next?
My standard advice therefore is two-fold.
- Report the email.
- Burn it with fire (delete it, and delete it again!).
Report phishing attacks
Reporting the email to your email provider will help them fine-tune their email protection systems, and this in turn helps others stay safe. Depending on how you read your email, there are a variety of ways to report the phishing email.
Gmail
- On a computer, go to Gmail.
- Open the message.
- Next to Reply
, click More
.
- Click Report phishing.
Source: https://support.google.com/mail/answer/8253?hl=en
Microsoft
Outlook Mobile
- Select the email you’d like to report.
- Tap (…) at the top of the screen.
- Select “Report Junk” from the dropdown menu.
In closing …
Protecting yourself from phishing attacks is crucial in today’s digital age. Always be vigilant when it comes to emails or messages requesting personal information or urging immediate action. Look out for red flags such as misspelled email addresses, suspicious links, or urgent demands for sensitive data.
Remember, your bank and other legitimate organisations will never ask you to disclose sensitive information via email or text. By staying informed and practicing caution, you can thwart phishing attempts and safeguard your online identity and assets from falling into the wrong hands.
Stay safe, stay vigilant, and don’t take the bait!
