Sub Total
Excluding delivery and voucher code discounts.
Go to basket

Free Delivery on all orders to UK mainland within 3 working days.

HP TECH TAKES /...

Exploring today's technology for tomorrow's possibilities
How to Identify Phishing Emails and Spare Your PC

How to Identify Phishing Emails and Spare Your PC

Tulie Finley-Moise
|
With the rising number of cybercriminals on the hunt for private credentials, cybersecurity has become a paramount priority of the digital age. As our world becomes increasingly computerized and dependent on internet connectivity, the room for cyber risk climbs higher and higher.
According to Symantec’s 2018 Internet Security Threat Report (ISTR), an astounding 54.6% of all email correspondence was recorded as spam. The report found that the average user receives 16 malicious spam emails per month. That’s nearly 200 dangerous emails to dodge over a single year. Falling into just one of these phishing traps could compromise your financials, identity, or worse.
Researchers with Kaspersky Lab discovered that between 2017 and 2018, email phishing scam attempts more than doubled. These alarming statistics show no signs of stopping. Using methods old and new, today’s cybercriminal continues to be an omnipresent threat to users across the globe.
Understanding the tell-tale signs of a phishing email is of the utmost importance for the modern email user. Use this informative guide on how to identify phishing emails to better arm yourself and your computer against the threat of cyber criminals and their many malicious data-stealing schemes.

What is phishing?

Fraudulent phishing is a lot like open water fishing; cybercriminals cast their line of digital bait through email and innocent users bite if the content is alluring enough. Cybercriminals are able to keep their scam afloat attempt after attempt because users are easy to lure in if everything looks legitimate.
It’s this facade of legitimacy that cybercriminals rely on for successful breaches. At its core, phishing is the act of sending emails posing as a reputable source, with the intent to distribute malicious links. Through these links, hackers can:
  • Steal your usernames and passwords
  • Sell your information to other parties
  • Open credit cards and bank accounts in your name
  • Gain access to your Social Security number
  • Ruin your credit score
  • Steal your money and obtain cash advances

How do cybercriminals target users?

Though there are a number of different tactics cybercriminals use to target users, these five very common phishing attack methods are ones they regularly employ.
1. Spear phishing
Spear phishing is among one of the more sophisticated forms of phishing because it utilizes the target’s personal information to build credibility. These slick criminals use your name, workplace, position title, phone number, and other personal credentials to trick you into believing you have a genuine connection with them.
Social media platforms like Facebook and LinkedIn are spear-phishers’ primary resource for curating key details about their targets. Be careful about those innocent-looking quizzes that ask for things like your age and pet's name. This classification of email phishing likely includes references to coworkers and relevant locations.
2. Whaling
Whaling is a subtype of spear phishing that exclusively targets senior executives within an organization. Using the same tactics as spear phishing, whaling attacks aim to harpoon senior executives’ login credentials.
With those login credentials, hackers gain access to the tools needed to authorize large payments. These phishing attempts are also called business email compromise (BEC) scams. A 2017 FBI Internet Crime Report calculated over $675 million in losses due to whaling attacks. The 2018 report doubled that number - reaching $1.2 billion in losses.
3. Pharming
Pharming is a more complex form of phishing that depends on domain name system (DNS) cache poisoning to redirect users from a reputable website to a fraudulent one. Even if you’ve correctly entered the website URL, an attacker can still redirect you to the compromised site of their choosing.
If you fall victim to their fraudulent site redirect and enter any personal information, the hacker has all they need to uncover your credit card number, bank account number, and passwords.
4. File-sharing phishing
The vast majority of the digital world depends on the storage and file-sharing services provided by Google Drive, Dropbox, and DocuSign. Millions of people all across the globe use each of these services for personal and professional reasons. Hackers trick users into entering login credentials by creating exact log-in webpages. These fake pages may even be hosted on the legitimate site’s domain.
5. SMS phishing
SMS phishing has been on a steady rise since the global takeover of web-connected smartphones. A text message sent by a cybercriminal will contain a malicious link that can lead to the installation of a hazardous app. Through this app, the hacker can track your keystrokes, steal your identity, and/or hold your private files for ransom.

How does phishing affect my computer?

Though it may seem like phishing only affects the status of your livelihood, it can also damage the health of your computer. In addition to swiping your personal and financial data, successful phishing attacks can infect your PC with harrowing malware. Unfortunately, these nasty programs are a common feature within a larger invasion of privacy.
Ransomware, spyware, Trojans, and viruses are among the most popular types of malware that come attached to email phishing scams. Each of these damaging infections can destroy your computer’s performance and basic functionality - effectively turning it into a hub for further damage if action is not taken.
You could even unknowingly be part of a larger botnet network. A botnet is a web of internet-connected devices strung together by malware distributed by a cybercriminal. They’re used to orchestrate larger denial-of-service, spam, identity theft, and money laundering scams.

How can I identify phishing emails?

Figuring out how to identify phishing emails is difficult when the tides of cybercriminal activity are constantly changing. However, it is not impossible. Phishing emails all have one thing in common; they want your information. Handle all emails that request credential confirmation with extreme caution before taking any action. Use these 5 tips to protect yourself and your digital devices.
Phishing Red Flag #1. The email is designed to cause panic
Since phishing scams are completely dependent on whether a user clicks through and falls for the trap, it’s not uncommon for cybercriminals to employ scare tactics. For example, an email demanding you visit the attached link and enter your login credentials as quickly as possible to avoid account closure is likely fraudulent.
Another common example of a panic-designed email is one that claims your account has been compromised and the only way to verify it is by entering your login credentials.
Phishing Red Flag #2: There’s a suspicious attachment
Any email from an unknown sender that features an attachment is a glaring red flag that you should be quick to call out. Odds are that the attachment contains a damaging form of malware that could compromise your device.
Though it’s a safe practice to simply delete any emails from unknown senders that contain dubious attachments, if you believe the email and attachment are genuine, employ the help of an antivirus software scan to double-check. Better safe than sorry.
Phishing Red Flag #3: The email address looks fishy
The vast majority of modern email providers have intelligent methods of sifting through what they determine as spam and ordinary mail. However, some spam can slip under the radar and end up in your regular inbox, ready for opening.
One of the trickiest tactics cybercriminals use to dupe targets is using email addresses that are just a word or domain name away from a legitimate site’s true email address. At first glance, these email addresses look authentic, but upon closer examination, you’ll quickly see an added number or letter, or an obvious variation.
For example, addresses like @Faceb00kmail.com or @mail.apple.corp are clear knockoff addresses from the true @Facebookmail.com and @apple.com.
Phishing Red Flag #4: The email asks you to confirm personal credentials
Any email asking you to confirm your personal information that you would never provide otherwise is an immediate red flag. This includes bank account details and login credentials. Do not reply to these emails or click any attached links as they are likely phishing scams.
If you believe there is a chance that the email could be legitimate, search for the organization and find a direct contact number and complete any actions over the phone if possible. Be wary of any included phone numbers in the email, they could direct you another fraudulent source that could be posing as a legitimate company.
Phishing Red Flag #5: There are spelling or grammatical errors
Any reputable company has a team of copywriting professionals that keep a keen eye out for any flagrant grammatical or spelling errors. In fact, one of the easiest ways to identify a phishing email is by reading through the content. Be on the lookout for strange phrasing or improper vocabulary usage as these are tell-tale signs that the email sitting in your inbox is not from the source you think it is.
Any email riddled with mistakes should raise an eyebrow as is, but be even more careful when you receive emails that just seem off.

Bottom line

Educating yourself on how to identify phishing scams is the simplest way to defend against the threats they pose. Be vigilant when perusing your email, you’ll save yourself and your computer plenty of headaches in the future.

About the Author

Tulie Finley-Moise is a contributing writer for HP® Tech Takes. Tulie is a digital content creation specialist based in San Diego, California with a passion for the latest tech and digital media news.

Disclosure: Our site may get a share of revenue from the sale of the products featured on this page.

More about these products
Disclaimer

Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.

HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price

The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle

Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, Xeon Phi, Xeon Inside, and Intel Optane are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.

HP will transfer your name and address information, IP address, products ordered and associated costs and other personal information related to processing your application to Bill Me Later®. Bill Me Later will use that data under its privacy policy.

Microsoft Windows 10: Not all features are available in all editions or versions of Windows 10. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows 10 functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.

“Best All In One Printer” and “the easiest printer you’ve ever had to set up” from Wirecutter. ©2020 The Wirecutter, Inc.. All rights reserved. Used under license. https://www.nytimes.com/wirecutter/reviews/best-all-in-one-printer/

Get Marvel’s Avengers when you purchase HP gaming PCs with qualifying 9th gen or 10th gen Intel® Core™ i5, i7 and i9 processors. Redemption code will be sent out by email within 60 days of purchase. Limited quantities and while supply lasts. Offer valid thru 12/31/2020 only while supplies last. We reserve the right to replace titles in the offer for ones of equal or greater value. Certain titles may not be available to all consumers because of age restrictions. The Offer may be changed, cancelled, or suspended at any time, for any reason, without notice, at Intel’s reasonable discretion if its fairness or integrity affected whether due to human or technical error. The Offer sponsor is Intel Corporation, 2200 Mission College Blvd., Santa Clara, CA 95054, USA. To participate you must create an Intel Digital Hub Account, purchase a qualifying product during the redemption period, enter a valid Master Key, and respond to a brief survey. Information you submit is collected, stored, processed, and used on servers in the USA. For more information on offer details, eligibility, restrictions, and our privacy policy, visit https://softwareoffer.intel.com/offer/20Q3-19/terms.

© 2020 MARVEL. © Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others.

The personal information you provide will be used according to the HP Privacy Statement (https://www8.hp.com/us/en/privacy/ww-privacy.html)