Cal Bruno
Phishing: How to Spot and Avoid it

TLDR; Phishing is a common scam that millions of people have fallen victim to. Follow the four main tips to help prevent falling for these traps: check the sender, study the message for suspicious words/grammar, don’t send any personal information digitally, and NEVER click anything that is sent in an email - unless it is from a trusted sender.

INTRODUCTION

In today’s digital age, technology has become an indispensable part of our daily lives, permeating every aspect from work to personal endeavors. While technological advancements have revolutionized a lot of fields (like medicine, manufacturing, and education), it's essential to acknowledge the dark side of the digital age. This blog aims to shed light on scams, providing valuable insights to help readers recognize warning signs and protect themselves from falling victim.

WHAT IS PHISHING?

Phishing is the act of sending fraudulent messages and/or emails to people, claiming to be a part of a reputable company, organization, or person, in order to gain personal information such as social security numbers, credit card numbers, personal details, and even login information from the individual. While there are many cyber crimes, phishing is the most popular form, with over 3.4 billion phishing emails sent daily (Smith, 2023).

Phishing messages can be extremely believable, especially when they reflect accurate information. For example, when I started working at Bio::Neos a few months ago, Steve, our CEO, received an email from “Cal Bruno” stating that “my bank account information needed to be altered as I had changed my bank account since being hired in the last couple months”. Luckily, Steve clicked on the sender information, saw that the address was some sort of string of random numbers and letters, and quickly realized that it was not actually from me.

WHAT CAN I DO TO PREVENT PHISHING?

While there are email services you can sign up for to filter through your emails and delete the spam messages, they are not 100% accurate. So, the best thing to do is to always thoroughly check the messages you are receiving. Oftentimes, a phishing email will ultimately want you to click on some sort of link or icon. If you are skeptical about a certain message, instead of clicking on the link, hover over the link and see what pops up (see pictures below). Anyone can write a link down, such as www.calbruno.com, but have it actually link to a bad website. Just because something looks like a legit link, and has the same blue color and underline, does not mean it will redirect you to what it is claiming to be. But, hovering over a link will allow you to see where it will be taking you and you can ensure it is trustworthy! Overall, the best thing to do is to type in the link yourself so that you know exactly where you are going.

Taken before my cursor is hovering over the first rectangle.
Taken after my cursor is hovering over the first rectangle. The link that pops up does line up exactly with the information listed on the site, so I know it is safe to click on it.

CONCLUSION

The absolute biggest takeaway of this blog is that whenever you get an email that is requesting personal information, whether it be your mother’s maiden name or your social security number, always be skeptical. If it looks like it is coming from a reputable sender, take the time to reach out to that sender and ask if it was really sent from them. If it is not an option to reach out to the sender, ensure that you are checking every part of the message. Does the logo look correct and are all the words spelled correctly? Is the signature accurate to previous emails you received from the same sender? Is the email referring to you as your correct name? And most importantly: do not click on links sent to you!

References

Smith, G. (2023, September 6). Top Phishing Statistics for 2023: Latest Figures and Trends. StationX. https://www.stationx.net/phishing-statistics/#:~:text=1