What Is Phishing & When You're Phished - Cortavo by Aventis Systems

Written by Tom Lasswell | Sep 23, 2020 6:18:00 PM

What Is Phishing?

Phishing is when someone sends you an email that is made to look like a legitimate email. These emails can often look completely legitimate, but there are several ways you can tell they’re fake. This email you clicked on has several indicators, as shown below.

Keep these steps in mind when you’re receiving emails, especially emails asking for account credentials or password resets. To be safe, NEVER ENTER A PASSWORD ON A PAGE YOU REACHED BY CLICKING A LINK IN AN EMAIL.

Check The Email Address for Phishing

As you can see in this email, the email address is “@levz.com”, obviously not from Google. However, the address is so long that the part showing it’s not actually from Google will sometimes be hidden from view.

Always check the email address from the sender.

Check The Content for Phishing

Check the email content. Sometimes you’ll see things that just don’t quite look right. In the email you got, there are a few signs that this could be a fake email:

  • One is that the images are not displayed properly. This typically happens when Outlook doesn’t fully trust the sender. This, however, is not always an indicator of a fake email.
  • Second, there is a formatting issue: there are two extra }} in the email after the name. This again is not always an indicator of a fake email but is a tell-tale sign.

Almost always there will be a link in the email asking you to validate your credentials, or some other sort of “call to action”. In this email, it tells you to click here to log in and validate.

By “hovering” over the link, you can see that it goes to a fictitious web address. These links are sometimes masked quite well and will look like a legitimate web link.

  • Always check that a link is valid. When receiving emails like this, it’s always a good idea not to click the link in the email but to go directly to the site it claims to be from. In this case, just go to Google directly.

There will be signs that the page the link opened is not really the site you meant to visit. Many times it will go to a site that is “not secure” or to a site whose web address does not match the one you think you’re visiting.

You can see a few things from the link in the address bar. First, there is a “Not Secure” warning; second, the URL is not Google at all.

  • Checking for a “Secure” or “Green Lock” icon is one of the best indicators to see if you’re on a real site. This shouldn’t be the only check, though; it is typically an indicator. Sites used for phishing rarely take the additional time necessary to “secure” their pages.
  • The web address in the address bar is another indicator. Always check that the address listed matches the intended location. You can see in this example that it is a series of numbers, not something you’d typically have from a Google email. 
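The checks walked through above (sender address, stray formatting, link destination, address bar) can also be run automatically over a message. The following is an added example, not part of the original post: the sample message, the local part of the sender address, the `203.0.113.7` link and the helper names are constructed, and the “series of numbers” in the address bar is assumed to be a bare IP address.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message (not the email from this post); 203.0.113.7 is a documentation address.
SAMPLE = """From: "Google Accounts" <accounts-security-noreply-verification@levz.com>
Content-Type: text/html

<p>Hi Pat}},</p>
<p><a href="http://203.0.113.7/login">Click here to login and validate</a></p>
"""

class LinkCollector(HTMLParser):  # collects the href of every <a> tag in the body
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def in_domain(host, domain):  # exact match or a subdomain of the expected domain
    return host == domain or host.endswith("." + domain)

def phishing_indicators(raw, expected_domain):
    """Return the indicators described in this post that appear in one message."""
    msg = message_from_string(raw)
    found = []
    sender = parseaddr(msg.get("From", ""))[1]  # real address, ignoring the display name
    if not in_domain(sender.rpartition("@")[2].lower(), expected_domain):
        found.append("sender-domain-mismatch")
    body = msg.get_payload()
    if "}}" in body or "{{" in body:  # leftover template markers such as the extra }}
        found.append("stray-template-braces")
    links = LinkCollector()
    links.feed(body)
    for href in links.hrefs:  # the same destination that "hovering" reveals
        url = urlsplit(href)
        host = (url.hostname or "").lower()
        if url.scheme != "https":
            found.append("link-not-https")
        try:
            ipaddress.ip_address(host)  # assumption: "series of numbers" means an IP address
            found.append("link-host-is-ip-address")
        except ValueError:
            if not in_domain(host, expected_domain):
                found.append("link-domain-mismatch")
    return found
```

Calling `phishing_indicators(SAMPLE, "google.com")` returns the list of indicators found in the message; an empty list means none of these particular checks fired, not that the email is safe.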

If you have any questions, please reach out to Cortavo today!