There are several myths and misconceptions that abound when it comes to Phishing. These are the top 5 most common ones:
Myth #1
Anti-spam software can detect phishing email
While anti-phishing and spam filters can decrease the number of phising emails that get into your inbox, they are not 100% effective. Whenever anti-phishing technology keeps improving, the phishers are always devising ways to get around them. It truly is a cat-and-mouse game.
Secondly, because spam email and phishing email are different (phishing email spoofs a legitimate business), a different set of rules and criteria are required to detect the phisher.
Myth #2
As long as I don’t give my password and user-name, I won’t be Phished
Phishers are getting increasingly sophisticated. They now employ several variations on the original spoofed email that once requested your password and user-name.
They will, for example, instruct you to click on a link so as to update your information at a website. If you do click on the link, malware such as a keylogger or syware wil be downloaded to your computer.
The link may take you to a spoofed website, but it may also link you to the actual website of the legitimate business. Once there, a pop-up or overlay is activated, directing you to log in. You will probably be unaware that your access information has been compromised.
