Phishing is a sort of social engineering technique employed by hackers to collect sensitive information like usernames, passwords and credit/debit card details by posing as a trustworthy person or organization. Since most online users are unaware of the techniques utilized in executing a phishing attack, they often fall victim and hence, phishing are often very effective. Ignorance among the people is the prime reason behind such attacks. This article will create awareness and educate the users about such online scams and frauds. Below are some of the tips to identify various phishing techniques and stay away from them:
How to Identifying Phishing Scam:
1. Beware of emails that demand for an urgent response from your side. Some of the examples are:
• You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanent suspension”. In most cases, you’re requested to follow a link (URL) that takes you to spoofed website (similar to your bank website) and enter your login details over there.
• In some cases, phishing emails may ask you to make a phone call. There will be a person waiting on the other side of the phone to take away your credit cards details, account number, bvn, social security number or other valuable data.
2. Phishing emails are generally not personalized. Since they aim many online users, they typically use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails are often an exception to this rule.
3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed web page with official logos and information that looks exactly same as that of the real sites of your bank or financial institution . Pay attention to the URL of an internet site before you enter any of your personal information over there.
Even though malicious websites look just like the legitimate site, it often uses a distinct domain or variation within the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:
How to Avoid Being a Victim of Phishing:
1. Do not respond to suspicious emails that ask you to give your personal information. If you’re unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned within the suspicious email.
2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the web site on your browser’s address bar to get into an internet site .
3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as passwords, account numbers or credit card details. You will see a lock icon in your browser’s address bar which indicates a secure connection.
4. In most cases, unlike a legitimate website, a phishing website or a spoofed web page will not use a secure connection and does not show up the lock icon. So, absence of such security features are often a transparent indication of phishing attack. Always double-check the security features of the online page before entering any of your personal information.
5. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also make sure that your browser is up-to-date with the required patches being applied.
6. Report a “phishing attack” or “spoofed emails” to the any Internet/Cyber security agents in your region so as to stop such attacks from spreading all over the Internet:
I hope this article will assist you to detect and avoid various phishing scams . If you have any contribution or more enquiries, please pass your comments and share this post for others to benefit.