Have you ever received an email urging you to “verify your account” or seen a link promising a “free gift”? These could be phishing attempts – deceptive tactics cybercriminals use to steal your personal information. I just received a beauty of a phishing scam attempt, and I want to share it with you.
Phishing scams can target anyone, and with a bit of knowledge, you can easily protect yourself. As far phishing attempts go this is a good one. The images used are of good quality, and in general the email visually looks convincing.
Let’s break it down.
1. The email for the phishing scam.
On the face of it, this looks convincing. For me, a non-native Finn whose mother-tongue is English, I would be at risk from this email. It uses persuasive language, and it somewhat specific about what they claim has happened.
On closer inspection, we can see that the sender email address, and reply-to email address are .. well.. very wrong.
The next red-flag in the email is that famous, “Do things now, before it gets worse!” trick.
Huomioithan, etta jos et noudata ohjeita 48 tunnin kuluessa, olemme valitettavasti pakotettuja ryhtymään lisätoimiin tilisi suojaamiseksi. Tämä voi sisaltaa tilisi valiaikaisen lukituksen.
Please note that if you do not follow the instructions within 48 hours, we will unfortunately be forced to take further action to protect your account. This may include the temporary blocking of your account.
2. The phishing scam’s attachment
If the previous red-flag wasn’t enough, no-one should be even thinking about clicking the button. Whilst the email, says that the attached document contains instructions, it is actually a link to website.
The button uses a fear tactic again to encourage us to click the link. “Estä petokset” / “Prevent fraud”. Hovering over the link reveals the destination address is nothing to do with the bank at all.
What next?
My standard advice is two-fold.
- Report the email.
- Burn it with fire (delete it, and delete it again!).
Report the phishing scam
Reporting the email to your email provider will help them fine-tune their email protection systems, and this helps others. Depending on how you read your email, there are a variety of ways to report the phishing email.
Gmail
- On a computer, go to Gmail.
- Open the message.
- Next to Reply , click More .
- Click Report phishing.
Source: https://support.google.com/mail/answer/8253?hl=en
Microsoft
Outlook Mobile
- Select the email you’d like to report.
- Tap (…) at the top of the screen.
- Select “Report Junk” from the dropdown menu.
In closing …
Protecting yourself from a phishing scam is crucial in today’s digital age. Always be vigilant when it comes to emails or messages requesting personal information or urging immediate action. Look out for red flags such as misspelled email addresses, suspicious links, or urgent demands for sensitive data.
Remember, your bank and other legitimate organisations will never ask you to disclose sensitive information via email or text. By staying informed and practicing caution, you can thwart phishing attempts and safeguard your online identity and assets from falling into the wrong hands.
Stay safe, stay vigilant, and don’t take the bait!
If this is an issue which you would like support with, do get in touch! 🙂