When you are running a successful e-commerce business, it is important to be able to identify phishing attempts. It doesn’t matter whether you are using your own website, WooCommerce, Shopify, or PrestaShop, all e-commerce sites are targeted by phishing at least once.
Unfortunately, phishing attempts are getting better and more convincing. This is causing many e-commerce companies to suffer harm, harm that sometimes cannot be repaired or is very expensive, and this can be fatal.
Being able to recognize sketchy emails that are trying to steal your password or install malware on your computer is one of the most important skills you can learn. It is not just important for keeping your e-commerce site safe, but you safe, too.
What is Phishing?
Phishing is one of the most common types of cyber “attack” that takes place.
It is a fraudulent attempt to obtain sensitive information—e.g. your usernames, passwords, or financial details—through fraud. It is carried out by attackers who are pretending to be a reputable company such as a bank.
Once the phishing attacker has the information they want, they can do untold amounts of damage.
People fall for phishing attempts every single day. In fact, year on year, phishing is the cause of over 50 percent and sometimes as much as 70 percent of cybersecurity breaches. Despite spreading awareness, phishing continues to work and get better with each passing day.
According to statistics, around 11 percent of people who receive a phishing email will fall for it.
Google’s Phishing Awareness Quiz
Google (now known as Alphabet Inc.) recently came out with their own quiz that you can use to find out how good you are at identifying phishing. If you are an e-commerce website operator or run any other sort of online business, we recommend taking the quiz to get an idea of your knowledge.
The quiz has eight different examples of emails that could potentially be malicious. They are all inspired by real phishing emails that Google has seen in the real world, from the obvious to the not so obvious.
Google has even included an example that was inspired by the phishing emails that were used to trick Hillary Clinton’s campaign manager and Colin Powell, veteran Republican, to give away their passwords to so-called Russian hackers. The fact that high-level politicians can be tricked simply serves to highlight just how important it is to be aware that phishing exists, what it looks like, and how to avoid it.
How Can Phishing Harm My E-Commerce Website
If you are running a successful e-commerce site that is making lots of sales, you are a prime target for attackers.
Think about it.
If somebody can gain access to your website’s admin panel—your account that likely has no restrictions—they can do all sorts of damage. From stealing data, manipulating your site’s code, and even re-directing sales revenue to their own accounts, the damage that can be done is truly frightening.
What’s more, you could end up locked out of your e-commerce store altogether if you are using the same password for backup services such as your email address.
If this happens, you are in trouble.
Simple Tips for Spotting Phishing
Spotting phishing attempts is pretty easy. Once you have seen a few, you have seen them all. Some tell-tale signs that an email you have received is a phishing email are:
- Incorrect spelling, grammar, and punctuation.
- General bad use of the English language.
- Mismatching email addresses to a company name.
- Attachments that give you a virus warning.
- Attachments that don’t appear to be the right filetype.
- Emails from random people you have never spoken to.
- Emails purporting to be from your bank that ask you to log in.
The list goes on and on. There are so many different methods employed by attackers; we could not possibly put them all here.
The best way to protect yourself from phishing attempts is simply to learn about them—what they are and what they look like—so you can automatically spot them. So long as you know what phishing is, how it works, and are cautious when opening your emails, you will be fine.