Phishing, Its Types and Safety Tips

What is phishing?

Phishing is a type of cybercrime in which victims (targets) are contacted by email, call or text message by someone pretending to be a legitimate source, in order to entice them into providing sensitive data such as personally identifiable information, banking details, credit/debit card details and passwords.

How does phishing work?

Victims are tricked into giving up personal information such as their credit card data, phone number, mailing address, company information, etc. Criminals then use this information to steal the victim’s identity and commit further crimes using this stolen identity. Access to important accounts can result in financial loss.

Common phishing attacks

1. Email phishing

Most phishing attacks are sent by email. The crook will register a fake domain that mimics a genuine organisation and send thousands of generic requests. The fake domain often involves character substitution, like using ‘r’ and ‘n’ next to each other to create ‘rn’ instead of ‘m’. There are many ways to spot a phishing email, but as a general rule, you should always check the email address of a message that asks you to click a link or download an attachment.

2. Spear phishing

There are two other, more sophisticated, types of phishing involving email. The first, spear phishing, describes malicious emails sent to a specific person. Criminals who do this will already have some or all of the information about the victim, such as their name, place of employment, job title, email address and specific information about their job role.

3. Smishing and vishing (Most Common)

With both smishing and vishing, telephones replace emails as the method of communication. Smishing involves criminals sending text messages (the content of which is much the same as with email phishing), and vishing involves a telephone conversation. One of the most common smishing pretexts is a message supposedly from your bank alerting you to suspicious activity.
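The character substitution described under email phishing (‘rn’ in place of ‘m’) can be checked automatically when looking at a sender's address. The following is an added example, not code from the original article: the trusted domain list, the extra look-alike pairs beyond ‘rn’, and the sample headers are all constructed assumptions.

```python
from email.utils import parseaddr

# Constructed allowlist: domains this mailbox legitimately receives mail from (assumption).
TRUSTED_DOMAINS = {"example.com", "example.org"}

# Character sequences that render like another letter in many fonts.
# "rn" -> "m" is the substitution named in the text; the rest are added assumptions.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]


def skeleton(domain):
    """Collapse look-alike sequences so visually similar domains compare equal."""
    folded = domain.lower().rstrip(".")
    for sequence, looks_like in CONFUSABLES:
        folded = folded.replace(sequence, looks_like)
    return folded


def sender_domain(from_header):
    """Return the domain of the real address, ignoring the display name."""
    _display_name, address = parseaddr(from_header)
    _local, at, domain = address.rpartition("@")
    return domain.lower() if at and domain else None


def classify_sender(from_header, trusted=TRUSTED_DOMAINS):
    """Return (verdict, imitated_domain) for a From header value."""
    domain = sender_domain(from_header)
    if domain is None:
        return ("unparseable", None)
    if domain in trusted:
        return ("trusted", None)
    for real in sorted(trusted):
        if skeleton(domain) == skeleton(real):
            return ("lookalike", real)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed From headers for illustration.
    samples = [
        "Example Support <help@example.com>",
        "Example Support <help@exarnple.com>",
        "Billing <invoice@examp1e.org>",
        "Newsletter <news@unrelated.test>",
    ]
    for header in samples:
        print(header, "->", classify_sender(header))
```

A "lookalike" verdict means the sender's domain is not on the trusted list but reads the same as one that is, which is exactly the case the eye tends to miss.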

Safety Tips

1. Learn to Identify Phishing: Urgency, money baits, grammar mistakes and impersonal messages are a few red flags that help identify phishing.

2. Don’t Fall into a False Sense of Security: Be aware of spear phishing and learn to recognize targeted phishing tactics.

3. Don’t Click on the Link: Triple-check the authenticity of every email and never click on links inside email messages.

4. Don’t Trust Unsecure Sites: Ensure the URL of the website starts with HTTPS and has a closed padlock icon next to the URL.

5. Don’t Disclose Personal Information: Never enter personal information on suspect sites and never share sensitive information on your social media.

6. Update Regularly: Keep your device software up to date and turn on automatic updates.

7. Block Pop-Ups to Prevent Phishing Scams: Use popup-blocking and anti-phishing add-ons, and always close pop-ups using the X sign in one of the corners.

8. Enable 2 Factor Authentication: Deploy two-factor authentication (2FA) or multi-factor authentication (MFA) to prevent phishing.

9. Enable Firewalls: Enable filtering on your email server, and use a network firewall and a desktop firewall.

10. Raise Awareness: Keep updating your knowledge about cyberattacks and share it with your loved ones.

