Expand / Collapse search
Watch TV

Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital SolutionsLegal Statement.

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. FAQ - New Privacy Policy

Tech
Published

What is 'phishing?'

'Phishing' is a popular scamming method used by bad actors who make fraudulent emails look real

Experian VP of Data Breach Resolution Michael Bruemmer discusses the ability of hackers to steal individual data using drones, protection against data breaches and the long-term effects of people’s account information being stolen. Video

"Phishing" is a popular scamming method used by bad actors to gain access to people's sensitive information online by making fraudulent emails look real.

Here's how it works: Scammers send emails from addresses that look familiar or that incorporate the names of popular companies so recipients assume they are trustworthy sources.

Phishing emails are often presented in such a way that they look legitimate; they are written with formal language, are neatly formatted and use familiar logos or images.

Phishing email example, (FOX Business)

However, phishing emails also contain fraudulent links, and that's where the scamming process comes in.

By using familiar names in addresses and incorporating popular logos and images into their phishing emails, scammers aim to gain the trust of whomever they are targetting so that they click on fraudulent links within those emails.

SPEAR-PHISHING ATTACKS: WHAT YOU NEED TO KNOW

For example, victims may receive an email from amazonpackageservices@yahoo.com that reads, "Your Amazon order has been delayed. Click here for details," along with a link. When users click on the link, it may tell them to "enter email and password for more information," or something along those lines, which is how scammers get access to information.

The links will sometimes lead to a fake website that imitates a real website and asks users to give their email addresses, phone numbers, passwords, credit card information and more.

Bad actors imitated the following brands most often to conduct the criminal act called phishing in the fourth quarter of 2019,  according to a Feb. 6 study by cybersecurity research firm Check Point Research: Facebook (18 percent of all phishing attempts globally), Yahoo! (11 percent), Netflix (5 percent), PayPal (5 percent), Microsoft (3 percent), Spotify (3 percent), Apple (2 percent), Google (2 percent), Chase (2 percent) and Ray-Ban (2 percent).

Phishing doesn't just happen via email, either; scammers can target victims via text message, too.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Bad actors will often use popular events to get users' attention. Sometimes, they will even track the online behavior of their targets to study their interests before they send an email or text in an attempt to increase the chance of getting the victim's attention. Think: the 2020 U.S. presidential election.

Scammers use President Trump's name in phishing emails more than all other 2020 presidential candidates combined, a Feb. 7 study by security software company Avanan found.

"Candidates are such a prime source for phishing," Avanan Director Dylan Press previously told FOX Business, adding that Trump's name was the most because he has "the most name recognition out of anyone, and he stirs up an emotional response."

CLICK HERE TO READ MORE ON FOX BUSINESS

To avoid being tricked into giving out personal data to scammers, people should avoid clicking on links in emails that come from unfamiliar addresses even if they use a candidate's name or logo.

"There is no reason to click on that email," Press said. "If you want to donate to anyone, Google their website, and I guarantee the first thing you'll see will be a [legitimate] donation link."