Links are the way we quickly get to the things we want to see, but there is a hidden danger with links that many people don’t realise. It is very common for the link you see to be different from the link you will actually go to if you click it. This is very helpful most of the time because no one wants long and complicated links to look at, but the criminals use this to their advantage. One common way is phishing emails which usually try to tempt or scare you into taking action, by clicking on the link they provide. An example might be an email supposedly from HMRC saying you have a tax refund and encouraging you to click the link to begin the claim process. The link might look like www.hmrc.gov.uk/claim, but when you click on it you might be taken to www.infectyourcomputer.com.
If you hover your mouse over the link, you can often see the actual link it will take you to, usually in the bottom of the window somewhere.
The rule of thumb is just to NEVER click on links in emails. Some common phishing emails:
- Email from Amazon / Ebay / any shopping site saying your order has been placed (but you didn’t order this item), and if you need to make changes you can click the link below.
- Email from Microsoft / Google / Amazon / your Bank, saying that your account has been suspended and you need to click the link to re-activate or the account will be suspended in 24-48 hours
- Email from Microsoft / Google saying that some emails have been quarantined for you, and you need to click on the link to access them.
The common thread is that they want you to click the link in the email.
Some emails are more sophisticated, and many are superbly disguised to look like they are legitimate but they always want to you to click a link.
So how do you spot a phishing email?
- Look at the from address (not the name, the actual email address). For example, it might say it came from “Microsoft support” but the email address is email@example.com – clearly not from Microsoft.
- Does it try to temp or scare you into clicking a link?
- Does it seem likely or realistic? For example, HMRC will write to you about a tax refund, not email you. Your Bank will also write to you if there are problems with your account.
What should you do?
- If you still think the email might be legitimate, open your browser and type in the address manually. Log in to your bank, or your Amazon account etc directly.
Antivirus is a slightly misleading name for modern software which often protects you from far more than just viruses. A good product should help protect you from browsing to dangerous websites, alert you if you try to download a dangerous file, scan incoming emails for dangerous attachments and more. It’s critical to have a reputable security product on every computer you use.
At its simplest, a firewall is simply a device that separates your computer from the internet. All common routers have a very basic firewall built in, which may be just about acceptable for home use. But for business, you need to have a more advanced firewall, which is capable of intelligently analysing the data, and alerting you it detects a dangerous connection, or an attempt from the internet to do something to your computer that doesn’t seem normal.
As an analogy, a basic firewall is a bit like having a picket fence around your home. It will stop people looking into your garden, but it won’t stop a criminal from jumping over the fence.
A modern firewall is like having your own security guards who can see the criminal trying to jump over the fence and stop him before he manages to.
If you are using strong passwords, with different passwords on each account, good antivirus and a firewall, and you avoid clicking links in emails, you will be a lot safer and avoid the most common threats out there.
Contact Flywire Technical Services for immediate IT support for business and home users.