Despite constant warnings and advice about online scams, users continue to lose money and time by falling for them. According to recent research, more than 60% of people cannot recognize a phishing-type hoax, a very common technique among cybercriminals that consists of impersonating another person or company to steal money and information.
The study was carried out in the United States by ESET, a cybersecurity company, and was called “Phishing Derby”. “It is designed to evaluate how competent we are at distinguishing messages that seek to carry out a real scam. The scoring system is based on speed and on correctly differentiating a real email from one that is a scam,” the company said.
The questionnaire was not designed to generate statistics, but to raise awareness and help educate participants on how to identify fake emails. Interestingly, the results show a marked difference in how the younger participants, ages 18-24, correctly identified the samples: 47%, compared to just 28% of those over 65.
People between 25 and 44 years old reached 45% and people between 45 and 64 years old were at 36%. The total number of participants was 4,292. ESET Canada saw a similar result when it conducted the same survey in late 2020, with 68% of participants failing to identify all four samples correctly.
To keep this from happening, ESET put together a list of seven tips for spotting a fake email and avoiding this type of online scam.
1) Pay special attention when the email is not addressed to you personally: the company that is supposedly sending the email knows who you are and, in general, would send emails that include your name rather than a generic greeting.
2) Grammar and spelling errors: While many phishing emails today are perfectly written, many campaigns still use somewhat sloppy, error-ridden messages. And because phishing emails are increasingly well designed, be sure to read them twice, as errors can be harder to detect.
3) The email is unsolicited; in other words, it comes from a company with which you have never communicated.
4) A call to make an urgent decision; for example, you are asked to click a link and log in to review transactions or the like.
5) The sender’s email address: Hover over the email address and note the actual sender address and the domain it was sent from.
6) Emails with attachments, for example, claiming to be an invoice or notification of some kind.
7) Have a security solution installed and updated on all your devices, both desktop and mobile.
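
Tips 1, 4, 5 and 6 above can also be checked mechanically, for instance when triaging reported emails. The following Python is an added example, not code from ESET or the study; the greeting and urgency patterns, the brand-to-domain map and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed, illustrative patterns and brand map; tune them for your own mail flow.
GENERIC_GREETING = re.compile(r"^\s*(dear|hello|hi)\s+(customer|user|client|member)\b", re.I | re.M)
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|account will be suspended|verify now)\b", re.I)
KNOWN_BRANDS = {"examplebank": "examplebank.example"}  # display-name keyword -> real domain

def phishing_indicators(raw: str) -> dict[str, str]:
    """Return {indicator: detail} for tips 1, 4, 5 and 6 of the list."""
    msg = message_from_string(raw)
    found, body, attachments = {}, [], []
    # Tip 5: compare the display name with the domain of the From address.
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    for brand, legit in KNOWN_BRANDS.items():
        # Flag a brand name shown with a domain that is neither legit nor its subdomain.
        if brand in display.lower().replace(" ", "") and not ("." + domain).endswith("." + legit):
            found["sender_mismatch"] = f"{display!r} sent from {domain}"
    for part in msg.walk():
        if part.get_filename():                      # Tip 6: attachments
            attachments.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            charset = part.get_content_charset() or "utf-8"
            body.append(part.get_payload(decode=True).decode(charset, "replace"))
    text = "\n".join(body)
    if m := GENERIC_GREETING.search(text):           # Tip 1: not addressed to you
        found["generic_greeting"] = m.group(0).strip()
    if m := URGENCY.search(text):                    # Tip 4: urgent decision
        found["urgency"] = m.group(0)
    if attachments:
        found["attachment"] = ", ".join(attachments)
    return found

# Constructed sample message (not a real email).
SAMPLE = '''From: "Example Bank Support" <alerts@examplebank-secure.example>
Subject: Action required
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear customer,
Your account will be suspended. Verify now: log in within 24 hours.
--b1
Content-Disposition: attachment; filename="invoice.zip"

--b1--
'''
```

Calling `phishing_indicators(SAMPLE)` reports all four indicators. A hit is a reason to look closer, not a verdict, since well-written phishing can pass every one of these checks.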