Don't Get Hooked: How to Spot a Phishing Email

I almost fell for it.

I received a very authentic-looking email yesterday from what I thought was Yahoo, telling me that some of their unused accounts were slated to be closed. The email told me to click on a link to log in and set my preferences. Since I’d created many Yahoo accounts in my life, I thought I’d check into it.

The email looked like this:

Looks authentic, doesn’t it?

I clicked the link, which took me to a site that looked exactly like a Yahoo Mail login page.

I had quickly typed in my username and password when, suddenly, a little voice inside my head whispered, “What the [bleep] do you think you are doing?!” Luckily, I listen to those little voices sometimes. I stopped short of hitting send, then looked up, saw a very unfamiliar URL, and realized I’d been fooled.

Phishing is when computer hackers try to trick you into providing usernames and passwords so they can take control of your online accounts.

The link I clicked directed me to a bogus site with an unfamiliar URL. Double-checking the URL of the web page you are on is one of the easiest ways to tell whether you are at an authentic site. If the site is genuine, you will see a familiar URL. For example, if the link in this email had taken me to a Yahoo address, it would contain: yahoo.com. If it is anything else, for example, mail.yahoo.c.com or mail.2yahoo.x.com, it is a clear sign that you’ve been sent to a malicious site.
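The URL check described above can be automated, for instance in a mail filter or a link-preview tool. The following is an added example, not part of the original post: it compares the host a link really points to against the domain you expect, and it goes a little beyond the two addresses above by also covering links that contain yahoo.com somewhere other than the end of the host name. The function names and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit


def host_of(url):
    """Return the lowercased host a browser would connect to, or None."""
    try:
        host = urlsplit(url).hostname  # drops any "user@" part and the port
    except ValueError:
        return None
    return host.rstrip(".") if host else None


def belongs_to(url, expected_domain):
    """True only if the host is expected_domain itself or a subdomain of it."""
    host = host_of(url)
    expected = expected_domain.lower().rstrip(".")
    if host is None:
        return False
    # Match on whole labels at the END of the host, never on a substring.
    return host == expected or host.endswith("." + expected)


# Constructed sample links; the second and third use the hosts named above.
SAMPLES = [
    "https://login.yahoo.com/account",
    "http://mail.yahoo.c.com/login",
    "http://mail.2yahoo.x.com/login",
    "https://yahoo.com.account-check.example/login",  # expected name is only a prefix
    "https://yahoo.com@account-check.example/login",  # expected name is only a user part
    "https://notyahoo.com/",                          # different domain, same ending letters
]


def classify(urls, expected_domain="yahoo.com"):
    """Map each link to True (host matches) or False (treat as suspicious)."""
    return {u: belongs_to(u, expected_domain) for u in urls}


if __name__ == "__main__":
    for url, ok in classify(SAMPLES).items():
        label = "matches   " if ok else "SUSPICIOUS"
        print(f"{label}  host={host_of(url)}  link={url}")
```

A match only means the link stays on the expected domain; it says nothing about whether the message itself is legitimate.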

Although I didn’t hit send, living with a cybersecurity guru has made me a bit paranoid, so I went to my Yahoo account and changed my password as a security measure.

The take-away: listen to your gut feelings. If you receive an email that makes you uneasy, don’t click on any of the links or open the attachments. If you think an email might be bogus, fake, or misleading, listen to the voice inside your head and mark it as spam or hit delete.
