What is Phishing?
Phishing is a technique used by the cyber criminals who try to steal your important and private information by pretending to be someone or something you trust. For example, you get an email which seems to have been sent by your bank asking for your account details, but in fact it is indeed sent by a phishing expert. Though the email seems very real, it is actually sent by a cyber criminal to steal your account passwords. Phishing techniques have become extremely dangerous and sophisticated these days, since they accurately replicate the legitimate trusted source. For example, they will have a real logo, will use the same font and will seem to come from a real email address.
There are a few simple things you can keep in mind in order to avoid the phishing attacks:
Your bank or credit card company shall never ask for your password under any circumstances.
If the email you have received contains a link, do not blindly click on it. It can be a fake link which may lead you to a fake log-in screen or executes some other phishing attack. Before you click on the link, you can find out where it is going to take you by holding your mouse over it for a few seconds and looking at the status bar of your browser.Below one is example of phishing.
You may receive an email with a link which looks real. Even if you hover your mouse over it, it replicates a trusted website. For example, Look at the following web address- https://www.facebook.com@www.abs123.com . At first glance this may look like the facebook link, but in reality it will direct you to a completely different address which begins separately after the @sign.
Always check for "https" in the url address bar of your browser, before you enter any confidential information on website. Typically, only trust worthy websites use "https" and phishing websites use "http".
Make sure that you read the url adress properly. Watch out for websites with spellings that are similar to the actual website. "online.citibenk.com" instead of "online.citybank.com". Cyber criminals are known to register website domain names with a spelling similar to a trusted website.
A simple way to detect a phishing email is, you can carefully look for your full name mentioned in the email. Usually, the cyber criminal doesn't know your full name and may contact you by referring you with Sir, or your email address.
Most popular browsers like google chrome, mozilla firefox maintain a list of known phishing webistes and warn you when you are about to visit any phishing website that appears in their database.
Always check for "https" in the url address bar of your browser, before you enter any confidential information on website. Typically, only trust worthy websites use "https" and phishing websites use "http".
Make sure that you read the url adress properly. Watch out for websites with spellings that are similar to the actual website. "online.citibenk.com" instead of "online.citybank.com". Cyber criminals are known to register website domain names with a spelling similar to a trusted website.
A simple way to detect a phishing email is, you can carefully look for your full name mentioned in the email. Usually, the cyber criminal doesn't know your full name and may contact you by referring you with Sir, or your email address.
Most popular browsers like google chrome, mozilla firefox maintain a list of known phishing webistes and warn you when you are about to visit any phishing website that appears in their database.
the webpage of Phish Tank provides a bar, to specify any suspected link in it and checks for it. If you sign in or register with the website, you can submit any phishing link to the website and soon it updates the fake link.
Other solutions:
There are commercial anti-phishing software tools available that provides you protection against phishing attacks. For example McAfee's SiteAdvisor Live is a product that allows you to identify and protect yourself from risky websites. You can buy it online from its website.
Most importantly, if you have never opened an account with a particular bank and they email you, then it probably is a phishing attack. No matter how tempting their offer might be, do not click on any of their links.
Just keep these simple steps in mind and so you can avoid phishing attacks.
0 comments:
Post a Comment