The Dangers of Phishing: A Common Way Your Information is Stolen

Hook on a keywoard witn the word "Phishing"

Growing up in Michigan, November 15th is a “state holiday”. Work slows down in the weeks before November 15th as hunters (bait, I mean) feed the squirrels sugar beets and corn. Just about every single male friend of mine takes a couple days off from work to head “up North” for opening day of regular firearm deer  season. More than 500,000 hunters register for a deer tag every year in Michigan. The deer are pretty smart. They know if they can out last the hunters for two weeks they have good shot of hitting another birthday.  Unfortunately for us, we are not so lucky.

Phishing Season is open 24/7/365. Wiki states that, “Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.” You are the deer and being hunted (phished) every second of every day.

At the time of this article, there are 3.3 Billion internet users, each with the ability to steal your information for profit. The chances of you being phished are significant if you are online (which you are since you are reading this article). In 2013, an identity was compromised every two seconds in America with the number of victims climbing to 13.1 million over the year, according to Javelin Strategy & Research’s 2014 Identity Fraud Study. The cost of identity theft exceeded $16 Billion in 2014.

Here is your quick Phishing Indicator list (compliments of SANS Institute):

1)      Check the email address

2)      Be suspicious of emails that start with “Dear Customer”

3)      Look for spelling mistakes

4)      Emails that require “immediate action” is a common technique

5)      Hover over links in emails to see the true destination

6)      Attachments can contain malware

7)      You might be lucky but you most likely did not win the lottery via an email

8)      If you get a suspicious email from a friend.  Call them to validate they sent it

Get your copy of the Phishing Indicators by logging into the G2G Marketplace website for a full description of how to spot a Phishing email to protect you and your family.

Author:  Chris Burrows – Chief Information Security Officer for Oakland County, Michigan