Phishing is a serious security problem. It affects people and companies all over the world. And while things like ransomware infections and data breaches sound more serious, these problems often start with phishing emails. Majority of attacks involve threat actors contacting their victims using emails; attackers use phishing emails to manipulate victims into disclosing sensitive information and there are many ways attackers accomplish this. One well-known strategy is to trick victims into entering login credentials for online accounts into fake websites.
So what can an average person do to protect themselves from phishing? There are a few tells that people can use to help, a good preventative measure is to use plain text emails as your default view when possible, and especially when communicating with someone you don’t really know. Looking at things like website links in plain text makes it easy to spot the odd-looking URLs used in a lot of phishing scams and spotting a weird link in an email from your bank, your online dating service or some other company should be an immediate red flag that what you’re reading might be part of a phishing scam.
How to actually set up your emails to view them in plain text depends on your email client. But it can be done on your desktop/laptop with both Outlook and Gmail. However, the capability is not as popular on mobile clients due to their operating systems being heavily sandboxed compared to their desktop counterparts, so an attacker needs multiple chained exploits to quickly compromise a target, and those are pretty rare. Opening a PDF on a mobile device rather than my desktop makes me feel a bit safer but you still have to be careful about following those links, so exercising caution is still really important.