Unraveling the Differences between Spam vs Phishing
The safety of your Internet browsing sessions requires a blanket approach to operations. Two terms that routinely come up in a discussion of online safety and security include ‘Spam’ and ‘Phishing’. Sometimes, spam and phishing are used interchangeably, particularly when phishing scams employ spam messaging. Spam is the online equivalent of junk mail. Spam is usually in the form of unsolicited emails which arrive in your inbox [or spam box], waiting to be opened. This type of email messaging is designed with one express purpose – to get you to click on links, open emails, or navigate out.
The worst thing about spam is that not all of the emails are harmless. Spam messages often just clog up your inbox and serve as annoyances that you simply want to mass delete. But sometimes they may ‘appear’ to come from government agencies, banking institutions, insurance companies, schools and colleges, et al. One of the hallmarks of spam messaging is the need to act decisively.
Keywords in spam messages include: ‘open now’, ‘click here’, ‘urgent notice’, ‘read now’, ‘act quickly’, and so forth. The spam messaging is geared towards action. Once a message arrives in your email inbox, your antivirus software should identify the message as spam, and quarantine it/delete it accordingly. This doesn’t always happen though. That’s why it is strongly recommended to use a safe site checker for all ‘unknown’ messages that arrive on your virtual doorstep. Reputable safe site checkers such as My WOT (Web of Trust) are designed to automatically perform safety checks on all websites, based on community ratings and algorithms.
The WOT extension is compatible with all search engines. This security system provides guaranteed protection against malware, adware, viruses, and phishing attacks.
Takeaway: Spam is usually sent to you via email.
One way to identify spam messages, is to click on the sender’s address, and expand it to see what the full details of the address reveal. Remember, clicking on spam messages can be a hazard. A spam email address that reads ‘Bank of America’ invariably has a jumbled alphanumeric actual email address which has nothing to do with the ‘Bank of America’.
The most effective defense is a safe site checker, but other measures can be employed too. They can be used to detect, and guard against spam messaging. These include taking charge of your online presence by reducing your online footprint in forums, blogs, email lists, and social media profiles. The fewer mentions of your email address, the harder it will be for hackers and other bad actors to spam message you.
Of course, it always pays to set up email programs with filters. A fine balance needs to be struck between filtering out legitimate emails, and spam messages. In Yahoo and Gmail, and other email programs, you can mark spam and report it accordingly. These are useful techniques to reduce the sheer volume of spam messaging that you receive.
Phishing for Sensitive Personal Information
One of the one of the most commonly used infiltration techniques by scammers is a phishing email. These are typically sent to employees at a company. For all intents and purposes, they look like legitimate emails, but they’re not. They contain dangerous code known as malware that automatically downloads and installs into the host computer, hacking into the company’s servers and systems. Links to these malicious websites may be sent via email, or through stand-alone websites while you’re browsing the Internet. Regardless, they are extremely dangerous.
Phishing attacks are certainly not benign – they are malignant. Every time you click on links, or open messages from phishing sites, expect the worst. Some of the most commonly used phishing attacks are known as ‘Spear Phishing’. These are targeted at small groups of people, typically employees at a company, to gain access to the company’s mainframe and/or network. They do this to collect personal, sensitive information such as login credentials of employees, or lists of customers.
The next attack is equally dangerous, if not more so. It is sent via a legitimate email address that has been hacked, and directed at customers or other employees. Since this phishing message is legitimate – for all intents and purposes – your email filters, and antivirus software will likely not work against it at all. For example, if John Doe at Company ABC has his business email hacked via a phishing scam, and Company ABC then emails you via John Doe’s email address, it’s 100% legitimate as far as your antivirus software is concerned.
Takeaway: Phishing scams are malicious attempts at trying to get you to volunteer personal information via an authentic-appearing source.
Wrapping It All Up: Stay Safe from Spam & Phishing Attempts
Safety first: Install powerful protection measures to guard against spam and phishing attempts.
It’s worth pointing out that spam isn’t necessarily criminal in nature. It’s like bulk mail sent by companies to customers via email. It’s annoying, and it collects bits of data like cookies from your computer. Businesses use spam messaging because it’s cheap. But spam can be incredibly dangerous too, depending on who sent it to you.
Phishing by contrast is riddled with fraudulent intent all the way. It isn’t about marketing a product or a service. It is a dishonest, criminal, and toxic infiltration system used by hackers and career criminals to do damage to recipients.
Phishing masquerades as something trustworthy, but it is a nasty bit of malware that can devastate your computer systems, your IoT network, and ruin your life. Think of Social Security numbers, identity cards, drivers licenses, bank account details, and you will understand how dangerous a successful phishing scam can be.
