Protect yourself from Phishing Scams
Internet protection starts with your mindset and behavior toward potential cyber-threats. Phishing tricks victims into handing over credentials for all sorts of sensitive accounts, such as email, corporate intranets and more.
Even for cautious users, it’s sometimes difficult to detect a phishing attack. These attacks become more sophisticated over time, and hackers find ways to tailor their scams and craft very convincing messages, which can easily trip people up.
What is Phishing?
Phishing is a technique used to steal the password and login details for a website. Phish pages are simply fake pages that look like the original webpage the information is being taken from. The only differences between a phish page and the original page are the address bar link (for a normal user) and the redirection target and POST or GET method of the form (inside the page source, for advanced users).
How do you identify a fake link? Just check the address bar URL for a fake page or phish page. It will show a different URL than the original. You can install a web security toolbar in your browser to detect phishing automatically and to stop your browser from visiting phishing pages.
Common Features of Phishing Emails
- Too Good To Be True – Lucrative offers and eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, many claim that you have won an iPhone, a lottery, or some other lavish prize. Just don’t click on any suspicious emails.
- Sense of Urgency – A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you come across these kinds of emails, it’s best to just ignore them.
- Hyperlinks – A link may not be all it appears to be. Hovering over a link shows you the actual URL where you will be directed upon clicking on it. It could be completely different or it could be a popular website with a misspelling, for instance www.bankofarnerica.com – the ‘m’ is actually an ‘r’ and an ‘n’, so look carefully.
- Attachments – If you see an attachment in an email you weren’t expecting or that doesn’t make sense, don’t open it! They often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.
- Unusual Sender – Whether it looks like it’s from someone you don’t know or someone you do know, if anything seems out of the ordinary, unexpected, out of character or just suspicious in general, don’t click on it!
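The hover check from the Hyperlinks item can be automated over an HTML email body. This is an added example, not part of the original article: it compares each link's visible text with its real destination and folds look-alike characters such as "rn" for "m". The allowlist, the swap table and the sample email are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

KNOWN_DOMAINS = {"bankofamerica.com", "facebook.com"}  # assumed allowlist (constructed)
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]  # look-alike swaps

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._cur = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append((self._cur[0].strip(), self._cur[1].strip()))
            self._cur = None

def host_of(text):  # host of a URL or bare domain, lower-cased, without "www."
    host = (urlsplit(text if "//" in text else "//" + text).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def skeleton(host):  # fold look-alike runs so a spoofed name collapses to the real one
    for fake, real in CONFUSABLES:
        host = host.replace(fake, real)
    return host

def check_links(html):  # returns [(href, [reasons])] for links worth a second look
    collector = LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        target, reasons = host_of(href), []
        # Only link text that is itself an address can contradict the destination.
        shown = host_of(text) if "." in text and " " not in text else ""
        if shown and target != shown and not target.endswith("." + shown):
            reasons.append(f"text shows {shown} but link goes to {target}")
        if target not in KNOWN_DOMAINS and skeleton(target) in KNOWN_DOMAINS:
            reasons.append(f"{target} imitates {skeleton(target)}")
        flagged.append((href, reasons))
    return [(href, reasons) for href, reasons in flagged if reasons]

# Constructed email body: a look-alike link, a normal link, a mismatched link.
SAMPLE_EMAIL = """<a href="http://www.bankofarnerica.com/login">www.bankofamerica.com</a>
<a href="https://www.facebook.com/help">Help centre</a>
<a href="http://prize.invalid/claim">www.facebook.com</a>"""
print(check_links(SAMPLE_EMAIL))
```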
Sample of Phishing Scam:
This sample will try to hack your Facebook account:
When you click the link, you will be directed to a legit Facebook notes page: https://www.facebook.com/
When you click the link on the FB Notes page, that’s when they gather the important information from FB users. Here’s the link: https://8485125.958219341276.
Here are the Five Steps to protect your emails and other communications:
1. Employ common sense before handing over sensitive information.
When you get an alert from your bank or other major institution, never click the link in the email. Instead, open your browser window and type the address directly into the URL field so you can make sure the site is real.
2. Never trust alarming messages.
Most reputable companies will not request personally identifiable information or account details via email. This includes your bank, insurance company, and any company you do business with. If you ever receive an email asking for any type of account information, immediately delete it and then call the company to confirm that your account is OK.
3. Open email attachments from legitimate sources only.
Do not open attachments in these suspicious or strange emails — especially Word, Excel, PowerPoint or PDF attachments.
4. Do not click embedded links in emails if you are not protected with a security app.
Avoid clicking embedded links in emails at all times, because these can be seeded with malware. Be cautious when receiving messages from vendors or third parties; never click on embedded URLs in the original message. Instead, visit the site directly by typing in the correct URL address to verify the request, and review the vendor’s contact policies and procedures for requesting information.
5. Keep your software and operating system up to date.
Windows OS products are often targets of phishing and other malicious attacks, so be sure you’re secure and up to date, especially if you are still running anything older than Windows 10.
Reducing your spam to avoid Phishing
Here are some more useful tips to help you reduce the amount of spam email you receive:
- a] Never respond to any spam.
Most spammers verify receipt and log responses. The more you respond, the more spam you’re likely to receive.
- b] Think before you click ‘unsubscribe.’
Spammers send fake unsubscribe letters, in an attempt to collect active email addresses. If you click ‘unsubscribe’ in one of these letters, it may simply increase the amount of spam you receive. Do not click on ‘unsubscribe’ links in emails that come from unknown sources.
- c] Keep your browser updated.
Make sure that you use the latest version of your web browser and that all the latest Internet security patches have been applied.
Learn about cybersecurity in this digital age as the country’s premier cybersecurity event goes virtual.
DECODE 2020 will be on November 10-12 with the theme “ELEVATE! Transform Rapidly, Seamlessly, Securely.” Tracks about Artificial Intelligence, Machine Learning, Data Protection and Privacy, and more will be presented by renowned industry experts from around the world.