Some hackers use methods to infect computers with malware to steal the most valuable information, while others demand it from the front. The latter act, called "phishing", is one of the most effective ways to deceive unsuspecting victims.
Phishing is a type of cybercrime that allows hackers to pretend to be an authoritative person, customer service representative, or other trusted source to steal the most valuable personal information.
Phishing attacks are usually done via email, but can also occur with text messages or even telephone calls. How can you find out what is really legal and what is a scam?
The following is a guide on how to recognize and defend against phishing attacks and what to do if they are targeted by cyber criminals.
What are phishing and 7 tips to keep you safe in 2019
Unsplash
How phishing attacks work
The basic premise of phishing can take a variety of forms, but criminals can trick you into trying to convey personal information such as credit card numbers, passwords, and account numbers .
For example:
Imagine you receive an urgent email from your credit card company. There appears to be a problem with your account and it is locked for security reasons.
The email may prompt you to click on a login page where you can verify your identity and unlock your card or account.
You can complete this entire process without noticing that your email and login pages are malicious and that you are the target of a phishing attack.
A typical example of phishing email includes the following prompts:
Unlock credit card or bank account
Update official contact information
Restart account or membership
Confirm receipt of parcel delivery
Request a refund or payment
Please send W2 documents of you or others
Make a wire transfer
These emails can appear to be from Internet providers, from the United States government, and from company bosses .
Often these message requests are urgent (your credit card account is locked) or very attractive (requesting your refund).
Phishing attacks are usually done in bulk using "phishing kits" or email or website clones that look legitimate. For example, a criminal may copy a popular bank login page and modify the code so that the target person sends his credentials after typing.
However, in rare cases, it can be the target of phishing attacks targeting specially made individuals. This is called "spear phishing" and usually consists of personalized email that contains information about you and the people you know. For example, you receive an urgent email that appears to be from your boss and asks you to send W2 documents for everyone in your department.
Whale phishing is a particularly personal and sophisticated phishing attack that targets high-value targets, like a CEO of a large company.
How to find and prevent phishing attacks in 2019
How to find and prevent phishing attacks in 2019
Pixabay
Phishing attacks can be very scary because they can be targeted and are designed to perfectly mimic legitimate everyday transactions.
You do n’t need to visit a suspicious website or share a file on a torrent site in the face of a phishing attack. One day, there is a fraudulent email in your inbox that appears to be from Amazon, Netflix, or your bank, and you may want to take immediate action.
If you still understand what you are looking for, finding a phishing attack is not that difficult and can be prevented .
Here are some tips to keep you safe when viewing emails and other messages:
- Watch out for "too good talk" offers
If you are a sender you don’t know personally or don’t expect a message in advance, keep a healthy skepticism about the message in your inbox.
Is it a message that the bank makes a mistake, Amazon makes a huge refund for you, or the IRS wants to send you free money?
These are great danger signs that need to be examined further.
Similarly, beware of urgent messages that don’t have much overall content and might need immediate attention.
- Check URL and email address carefully
For example, suppose you receive an email from Amazon requesting a refund for an incorrect charge. It seems like the story goes well, but what should I do?
Look carefully at the sender’s email address. Does it look correct?
If someone claiming to be an Amazon employee contacts by email, the email address should look like " name@amazon.com " or include a variant or subdomain of it (for example, support .amazon.com).
If the email is from a subtlely misspelled domain (such as Amazonn.com) or forwarded through an unrecognized or unintelligible domain, this indicates that it is a phishing email The
If you place your cursor over a link in the email before clicking, the target URL for the link is displayed. These should be recognizable and applicable to the sender.
Do not visit websites that contain unrecognized URLs or reply to emails forwarded through inappropriate domains.
- Confirm reliability before providing important information
It is rare for an authorized customer service provider to request a complete account number, credit card number, or any other personal information. In most cases, partial information (last 4 digits of account number or street address) is used to verify your identity.
But in some cases, you may need to provide really detailed information.
If the conversation seems suspicious in some way, check the reliability of the request in some way whenever possible.
One good way is to talk to someone by calling a legitimate customer service phone number on your company website, or to find an official communication method that is completely separate from the email message in question .
- Use a trusted email provider
The best email providers in 2019 provide some protection against phishing attacks and other spam spam.
For example, Outlook and Gmail can access large amounts of data about reported scams and malicious messages. Even before users see them, harmful emails can be filtered better than some small and medium providers.
If you choose to run your own email account, be sure to check its spam settings and contact customer support for recommendations to protect against phishing if necessary.
- Beware of charitable activities around major world events
In the event of a natural disaster or terrorist attack, scammers often form rogue charities in the hope of benefiting from those who want to serve.
Use safe email practices, be vigilant especially during frequent fundraising activities, and don’t give your credit card number unless you are 100% sure that your purpose is legitimate.
If you want to contribute to political or humanitarian donations, look for a trusted organization and donate directly.
- Install anti-phishing protection
Best anti-virus programs include additional features to protect against phishing scams.
Accessing a large library of reported phishing incidents and other attacks can help protect against email providers and eliminate spam more effectively.
- Report potential phishing attacks
As a good citizen, let your bank, internet provider, or other company know if an attacker is attacking you in your name.
If you are informed, you may be able to take security measures such as alerting you or adjusting the login page design to keep more people safe.
Conclusion – keep safe and suspicious
Phishing attacks can be avoided relatively easily if you have knowledge of how they work.
Computer worm Unlike the attacks and brute malware attacks, phishing is your dependent, you passing your information Hold your vigilance.
The easiest way to stay safe is to never give sensitive or important information to an online person unless you are 100% sure that it is a reliable source.
Of course, it’s easy to be careful with words, but in fact, modern phishing attackers are completely replicating checkout pages, login pages, and other important web portals.
However, if you are careful to look up your email address and URL before you get involved, you will be able to find attacks before you become victims.