Sign Up
School Account Sign Up
Contributor: Jay Gregorio. Lesson ID: 13227
In order to understand phishing, we need you to complete this lesson as soon as possible. Whoa! Learn the danger behind urgent requests like this and unknown hyperlinks or attachments!
You work for the federal government. (Congrats on the new job!)
Due to confidentiality issues, you can only use your government-issued laptop in the office. While working, you receive this email.
Seems legitimate, and you are on a secure laptop in a secure building, so the email must also be secure. Better click on that link before time runs out.
Keep reading to learn the hidden dangers in emails like this one and what you can do to protect your identity!
What Is Phishing?
Phishing is a spin on the word fishing, where someone throws a baited hook into a body of water, hoping a fish will bite it.
Phishing is any sophisticated online scam that lures victims into giving personal and private information.
It is a form of cybercrime in which emails, text messages, and phone calls that appear to be from a legitimate source are sent to obtain passwords, credit card information, and other information that could result in financial loss and identity theft.
If you read this lesson, you are active enough online to have an email address. Email is an essential part of communicating in today's world, but it also brings a lot of unwanted notifications, promotions, and the like.
Most of these messages immediately go to your spam folder, but some reach your inbox. Many of these appear to come from a legitimate source, and the messages often contain an urgent request for an immediate response or action from you.
Cybercriminals or scammers use many phishing techniques, but they generally fall into two categories based on their purpose.
Transfer Sensitive Information
Messages sent to gain personal information often result in financial loss.
A typical scam email looks legitimate from your institution. It will include a link that leads to a malicious site that resembles your bank's real site. When you enter your username and password, the criminal can see that information.
This allows the scammer to access your account and steal money.
Spreading Malware
Malware is software that causes intentional damage to a computer or network.
Malware, often referred to as a virus, is attached to a link or document. When you click on or open it, you release the malware into your computer or network.
Malware can be programmed to do many different things, from erasing your files to destroying your hard drive or recording your keystrokes. Software can be created to do anything you can imagine.
To learn more, watch the following video.
What Can You Do?
You can look at specific things carefully to determine whether something is a scam. (Remember, phishing can also occur via text message or call.)
Unidentified Sender
If the message does not include a sender's full name or other legitimate information, it may be a sign of phishing.
Some scams do not ask for anything other than a reply at first. However, once the scammer gains your trust, you will likely be asked to complete a task revealing your private information.
Too Good to Be True
Scammers try to hook you by grabbing your attention right away.
Yeah, that's a scam. Besides winning prizes or the lottery, lucrative offers for free phones or other expensive items are too good to be true. Don't fall into the trap.
Hyperlinks and Attachments
Think of hyperlinks and attachments like dogs you have never met. You may want to pet them, but you must ensure they are safe first.
It is best to assume any hyperlink or attachment sent to you could harm your computer. Some carry viruses, and others redirect you to a fraudulent website.
If you were not expecting the hyperlink or attachment, do not click or open it. If it is important, the sender can always resend it.
Tone of Urgency
Getting you to act before you think is the key to a good scam.
You are less likely to notice the details if a message appears time-sensitive. You may need to act immediately to secure your winnings or prevent your account from being suspended.
Be leery of urgent-sounding messages like these.
Okay, you believe you just received a phishing email.
Don't click on any links. Don't open any attachments. Don't reply. Just delete it. SimpIe as that.
If you want to do so, you may forward the email to [email protected] or [email protected] or report it to the Federal Trade Commission.
For more tips and information, feel free to check out these resources.
These resources include several ways to help protect yourself, like redirecting spam emails and enabling security features; however, the best and easiest strategy is always to stop and think twice before clicking or opening anything.
Review all you have learned in the Got It? section when ready!
Supplies
Resources Referenced in the Lesson
FAVORITE
Like