How Phishing Emails Work
If you have been conditioned to react to your bank's site with entering your details and credentials, what better way is there to obtain these crucial data from you than showing you a page that looks and behaves exactly like your bank's — but sends the data elsewhere.
The problem, of course, is getting you to see the page. Fortunately, there's email. In a legitimately looking email informing you about something legitimately urgent, I show you a seemingly legitimate and totally ordinary link to what you think is your bank's site but in fact is my own copy of it.
Because they are done so well, these so-called phishing emails can be hard to spot if you look only superficially — which, of course, you don't. But even if you keep your eyes open, some additional protection won't hurt.
Outlook, from 2003 SP2 onwards, contains some protection from phishing emails. If enabled, the links in identified phishing attempts don't work. Even if you half-drunk and half-asleep carelessly and recklessly click, you cannot.
Enable Phishing Email Protection in Outlook
To enable the phishing email protection built into Outlook:
- Select Tools | Options... from the menu in Outlook.
- Click Junk E-mail... on the Preferences tab.
- On the Options tab, make sure Disable links and other functionality in phishing messages. (Outlook 2007) or Don't turn on links in messages that might connect to unsafe or fraudulent sites. (Outlook 2003 SP2) is checked.
- Click OK.
- Click OK again.
- Keep the Outlook spam filter up to date using Office Update.