How to catch a phish

shutterstock_322068299.jpg

Phishing (pronounce as fishing): deceiving an internet user to give out his or her personal or financial information over a website or official looking email that usually ends up in identity theft or false credit card charges. Sounds serious? It is! The team at ESET and Today put together a small test to see how good you are at catching these malevolent electronic pests. Let's go phishing!



Here are some tips on how to catch a phish:

1. Threats: Account suspension, additional charges, Bigfoot coming to steal your Christmas decorations. Would you send threats to your customers? Didn't think so.

2. Attachments: Particularly compressed .zip files. Especially attachments with double extensions (extensions define the species of the file they follow the file name after a period ie: mypoem.docx). Seeing myinvoice.pdf.exe, or freecoupon.doc.pak is very very bad. Very bad. Do not open.

3. Strange links: Hovering your mouse over a link in an email shows you what web address the link will take you to. The text may say myrogers.ca but if the link points to gatherallmyfinancialinfo.com.ru.now you know you're in for a nasty surprise.

4. Bad grammar: Or typos. Sentences starting with small caps, 'teh' instead of 'the', 'there' instead of 'their' Today.com proposes that scammers might do this intentionally to weed out smart people.