The best spear phishing tip is to delete suspicious or unrecognized emails without opening and acting upon them as directed and contact the company directly to inquire about the message. If you understand this statement, you don’t need to read the rest of this article, but if you need more information, read on.
Spear phishing is a spam email that appears to be from an individual or business that we recognize. Criminals often use spam emails to extract personal information form targeted email recipients by asking them to take certain actions such as fill out a form, call a number, or click a link embedded within the email. These spam emails are intended for spear phishing to steal credit card and bank account numbers, passwords, and other personal and financial information.
Often these fake emails look and feel so real that email recipients trust and act upon the criminal request. One of the main reasons that these emails look real is that they look like they come from banks and stores that we patronize and recognize. Because these spam emails look real, they evade email spam filters to reach the intended recipients, and, entice them to open the emails and act upon the instructions therein. For example, you might receive an email appearing to come from your bank warning that your account has been breached and asking you to verify your personal information by clicking a link to complete a form or to login to a website which then collects your ID and password while you receive an error message that you can not access the website. Of course, you can not access your account because it is a fake website which completely looks and feels like the real company website that you often access and use. The entire scheme is designed for spear phishing to steal your personal information one way or another. Once your personal information is stolen, it can be used to access other accounts if you use the same credential to access other accounts which is why it’s very important to use unique passwords for critical accounts so that when access information for one account is stolen, it can not be used to access other accounts. As mentioned, other techniques may be used to steal your information such as phishing by phone or by text message. The intended purpose is the same however the means to achieve the purpose is different.
You will never be successful at completely opting out of email distribution lists because as you remove yourself from one list, you receive emails from other companies because the same contact database is sold to many parties who wish to contact you including criminals. Plus, your contact information can be stolen from companies you do business with to either be sold or used to extract additional information from you to commit a fraud. The best spear phishing tip is to assume that you will receive spam emails which intend to extract information from you and to recognize and delete them without opening them. Therefore, pay attention to details in order to recognize spear phishing emails and delete them without opening the email or acting upon the message. Opening a dangerous email is very serious because it can create other problems such as installation of malware on your machine which can search for passwords and other information such as account numbers which can be used to steal money from your accounts.
If you are not sure of the email and its message is real especially when the message is a serious warning such as your account has been accessed by unauthorized persons, contact the institution directly by searching for its phone number online or on your account statement and call them directly. Never trust the phone number, web address, or the link in the email.