Internet phishing: written by Ahsan Syed

drawing of a burglar with fishing pole and man at computer

We live in an era where virtual relationships and forms of communication have become more dominant then in person. Our digital ID’s and accounts are our virtual footprint by which the world recognizes our existence by. Having important information online although can make life easier and more efficient, but it can also make us more vulnerable to intruders who can take our data and exploit it. Internet phishing is a term used to describe email or electronic communications scam targeted toward a specific individual, organization, or business. Although often intended to steal data for malicious purposes, cyber criminals may also intend to install malware on a targeted user's computer. Did you know, 50% of recipients open and click emails and click on phishing links within the first hour of it being sent. Also, half of all phishing attacks are aimed to steal money. It is important to know how to identify and prevent such scenarios.

Due to the COVID-19 outbreak, increased volumes of COVID-19 related phishing emails are being sent to UWaterloo students. One email asked ­­students to click on a link for updates about the pandemic. These attacks are expected to continue, and thus we should be vigilant and read emails carefully.

Not too long ago, I got an email supposedly from a close relative stating that they are stuck in a foreign country and require immediate assistance, thus I should wire money on the address listed in the email. Since this was a close relative, my first reaction to this email was that I should try to help as soon as possible. But after careful consideration and reading the email multiple times, I found it to be suspicious. Here were some ways I figured out that it was not a legitimate email.

  1. I took the email to an adult to read and confirm if it sounds legitimate
  2. I understood that logically if someone needed my help and they were stuck in that situation they were more likely to call or text then send an email. Even if they were to email, they would ask me to reach out to authorities instead of asking for money.
  3. I called the person that the email was supposedly addressed from and confirmed they were stuck in that situation to which they replied “no”.

Internet phishers often try to exploit our emotions or make the message seem credible at first glance but after careful consideration, there are often many things that prove suspicious.

To avoid or minimize phishing attempts, I have highlighted a few ways that can help:

  1. Use security software on your computer
  2. Update phones often
  3. Use two-factor authentication for your accounts
  4. Back up your data and make sure the backups are not connected to your home network. Try using an external hard drive.

References:

“Anti-Virus.” SciVee, 2010, doi:10.4016/19459.01. https://www.kaspersky.com/resource-center/definitions/spear-phishing

Dung, Ong Mau. “Offloading Lte Data Traffic With Named-Data Networking Integration.” Vietnam Journal of Sciency and Technology, vol. 54, no. 3A, 2018, p.1., doi:10.15625/2525-2518/54/3a/11955. https://www.phishingbox.com/resources/phishingfacts#:~:text=30%25%20of%20phishing%20messages%20were,23%25%20in%20the%202015%20report.&text=95%25%20of%20breaches%20and%2086,incidents%20fall%20into%20nine%20patterns.&text=70%25%20of%20cyber%20attacks%20use%20a%20combination%20of%20phishing%20and%20hacking.&text=63%25%20of%20confirmed%20data%20breaches,weak%2C%20default%20or%20stolen%20passwords.