Phishing attacks - How to be safe from them


Some emails we receive contain clickable links that lead to insecure websites and may steal our personal information. A technique used to steal our personal and confidential information is called phishing and that is done especially via emails. Go through this article to know more about phishing and how to be safe from phishing attacks?

Did you find any email mentioning that you have won a million dollar jackpot in so and so competition? If yes, you should have definitely opened it and if you didn't click any of the links in that email, it's a smart move. Otherwise spyware and malware would have been installed on your computer or you could have lost your credit/debit card details to some spammers or cyber criminals. Yes, this technique used by those criminals is called Phishing and is generally carried out by email spoofing. Let us see how this phishing is carried out in a detailed manner.
Email Phishing attacks
A spam mail I received a day back.

How Phishing is carried out


Generally this phishing is carried out in a proficient way similar to SEAL team attack on Osama Bin Laden. They pre-plan the business to target and collect the mail addresses of users and use mass-mailing to send emails to targeted users. You may treat them as legitimate ones, because they use similar logos and names of the Banks or Brands on behalf of whom they are cheating you. So, if you click on those links present in emails they take you to a web page that looks similar to official websites. There you'll be asked to enter credentials like username-password, credit/debit card details etc. Here's an example for you. Let us suppose you've received the following link in your email.

Please visit https://techulator.com/Resources

The above link appears to be genuine with that "https" and if you expect that its destination is Resources section you are wrong. That takes you to a different place i.e. login page of Techulator. So, don't click every link without estimating its safety.

How to be safe from Phishing attacks


  • Your bank, or any e commerce business like eBay, Amazon or Paypal never greets you 'Dear Customer.' All official correspondences should contain your name and complete details. This cannot be applied to 'spear phishing' where phishers use personalized information.

  • Majority of the businesses don't ask for your personal details like credit card info or username password combo via email. So, don't respond to such emails.

  • Another important technique is, checking for spellings that are misspelled. The names of businesses will be sometimes misspelled and the description lacks good grammar.

  • Your Firewall and anti-virus software can safeguard you to a major extent. Also, check for the presence of SSL certificate and "https" in the URL box.

  • You are lucky using Gmail, because it filters all such spam emails before they enter your inbox and also warns you about the danger in clicking them.
    Email Phishing attack to enter Paypal details
  • Some mails offer you a deal that you've never subscribed to. And some offer that they are going to deposit money into your account or Paypal. Here's a mail that I received 10 days ago i.e. on May 20. It says that Mr. LaRoque, whom I've never met wants to deposit a $100 amount in my Paypal account. One funny thing is that I don't have a Paypal account till now. SO, don't get fooled by such mails.


  • Also Read Legal issues with downloading copyrighted content on Torrent

    Not all phishing is done via email. There's also a technique 'Vishing' that involves calls to victims using fake identity fooling you into considering the call to be from a trusted organization. They may claim to be from a bank asking you to dial a number and enter your account details. You are mainly subjected to phishing through fake job search sites, chat rooms and spam advertisements. This phishing is not restricted to one time attack, phishers may install malware that include keyloggers and trojans that trap your key strokes every time you enter your credentials. If you find any such phishing practices, immediately report to anti-phishing organisations like antiphishing.org and National Fraud Information Ceter.


    Comments



  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: