Anti-phishing: Be smarter than your sources!

Ways to identify and avoid phishing scams

Khushi Kumari
IEEE Women In Engineering, VIT
Nov 7, 2020


Phishing is a cybercrime in which a target is contacted by email, telephone, or text message by somebody posing as a legitimate institution to lure individuals into providing sensitive information such as personally identifiable data, bank account details, credit card details, and passwords.

The information is then used to access important accounts and can result in theft, fraud, and financial loss.

Your sensitive data is being stolen by cybercriminals

Common Features of Phishing Emails

  1. Too Good To Be True — Moneymaking offers and attention-grabbing statements are designed to draw people’s attention right away. For instance, some claim that you have won an iPhone, a lottery, or some other lavish prize. Just don’t click on anything in a suspicious email. Bear in mind that if it seems too good to be true, it likely is!
  2. Sense of Urgency — A favorite tactic amongst cybercriminals is to push you to act quickly because the super deals are only available for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you encounter these kinds of emails, it’s best to just ignore them. Sometimes, they will tell you that your account will be suspended unless you update your details immediately. Most reliable organizations give sufficient time before they terminate an account and they never ask patrons to update personal details over the Internet. When in doubt, visit the source directly instead of clicking a link in an email.
  3. Hyperlinks — A link might not be all it seems to be. Hovering over a link shows you the actual URL where you will be directed upon clicking on it. It could be entirely different from the text shown, or it could be a popular website with a misspelling.
  4. Attachments — If you see an attachment in an email that you weren’t expecting or that looks suspicious, don’t open it! Such attachments often contain payloads like viruses or other malware.
  5. Unusual Sender — Whether it looks like it’s from someone you don’t know or someone you do know, if anything seems out of the ordinary, unexpected, out of character or just suspicious in general, don’t click on it!

Be cautious and protect yourself against spam email and phishing

Prevent Phishing Attacks:

Though hackers are constantly devising new techniques, there are some things that you can do to protect yourself and your organization:

  • To protect against spam mail, spam filters can be used. Generally, the filters assess the origin of the message, the software used to send the message, and the appearance of the message to determine if it’s spam. Sometimes, spam filters may also block emails from legitimate sources, so they aren’t always 100% accurate.
  • The browser settings should be modified to prevent fraudulent websites from opening. Browsers keep track of fake websites, and when you try to access one, the address is blocked or an alert message is shown. The settings of the browser should only permit reliable websites to open up.
  • Many websites require users to enter login information while the user image is displayed. This sort of system may be open to security attacks. One way to ensure security is to change passwords regularly, and never use the same password for multiple accounts. It’s also a sensible idea for websites to use a CAPTCHA system for added security.
  • Banks and financial organizations make use of monitoring systems to prevent phishing. Individuals can report phishing to industry groups where legitimate actions can be taken against these fraudulent websites. Organizations ought to offer security awareness training so that employees recognize the risks.
  • Changes in browsing habits are required to prevent phishing. If verification is required, always contact the company directly before entering any details online.
  • If there is a link attached to an email, hover over the URL first. Secure websites with a valid Secure Sockets Layer (SSL) certificate begin with “https”. Eventually, all sites will be required to have a valid SSL certificate. Keep in mind that “https” only tells you the connection is encrypted; fraudulent sites can have valid certificates too, so still check the domain name itself.
Don’t take the bait, save yourself from click-baits

Generally, emails sent by cybercriminals are disguised so that they appear to be sent by a business whose services are used by the recipient. A bank will not ask for personal information via email or suspend your account if you do not update your details within a certain period. Most banks and financial institutions also often provide an account number or other personal details within the email, which ensures it’s coming from a reliable source.
