What is phishing and how to stay safe from it?

How they manage to do that? They copy the identity of an genuine brand either it’s email, website, or the actual name of an employee or they pretend to be a friend, a family member or somebody else you know, so it appears that the message comes from a reliable source. The most common approach that hackers used to initiate this type of cyber-attacks was, until recently, the classic email. But, since social media networks and smartphones began to rise, phishing attack took over these channels also.

What is phishing? Let’s start with the name

As you surely guessed, the name phishing come from the verb “fishing” and was inspired by the activity of catching a prey using bate. Well, is true, that’s what we are for hackers, prey that they want to catch. Sometimes users make their job easy, but we want to be sure it won’t be your case. We will tell you all there is to know about this topic so you’ll stay protected from phishing, no matter how much hackers will try to steal it from you. Let’s start from the beginning.

How to Spot Phishing Attacks?

A trained eye could easily spot phishing scams, because there’s always some detail that is giving them away. Let’s go over the most common ones:

• They try duplicate the visual appearance of a real company. But that can do that only to a certain degree. It’s similar to spotting fake products. The truth is in the details. If you think something is suspicious try to compare it with the authentic company image and you will see more clearly that you are dealing with a fake.
• They use the name of an actual employee when they ask you for your data. But, hey, it’s easy to copy a name. It’s harder to copy a coherent, professional speech. So, try to read between the lines.
• They design sites that are very similar to the genuine ones. But once again, they can only go so far. The logo is in poor resolution, the content it’s not up to date, they have few interactive elements and so on.
• They are very dramatic when they ask you to write your personal data. For instance you may find out that your account has been compromised and they need your personal information fast, like yesterday, to fix the problem.
• They announce you won a big prize, because why not, you deserve it. All you have to do is to fill some forms to collect. A small effort for a trip around the world, or the money you earn in a year, right?

Prevent phishing by learning phishing types

You can say that sky is the limit when it comes to phishing attack types. It’s true, some have worked better than others, but see for yourself if you feel less or more vulnerable to these scams, from the list below:

A friend in need is a scam indeed

In this scenario you get an email from a friend or just a person you know, who is travelling in a foreign country and got himself into some trouble. For instance thieves robbed him. Well, the friend in distress needs your help, and it needs it as soon as possible in a bank account. What do you do? You sent the money, or try to contact the person to find out if the story it true?

Time flies

You were having such a good time on the website [insert name] or you were so pleased with the online services from the bank [insert name] that you didn’t even noticed how time passed away and your account has expired and it’s about to be deleted. Lucky for you, you got an email that warns you of this unfortunate event and also gives you the opportunity to extend your time as a costumer. All you have to do is write your data and the problem is fixed. In fact the problems are just beginning the moment you click that fake link.

The big bad virus

This phishing attack has its fair share of victims. It alerts you, that you are already infected and you need to fix this immediately before any serious damage occurs. Well, what are you waiting for? Your computer is in danger, just download the attachment or follow the link and let this out of the blue good guys help you.

The verdict: guilty of being gull

When somebody accuses you of something is natural to feel the need to defend yourself, even if you know that you didn’t do anything wrong. So, if you get an email, that blames you for doing something illegal like not paying your taxes, or taking some money that didn’t belong to you, what do you do? Well, some people just download the zip file that gives more info about the accusation and a complementary virus.

The overprotective bank

When you spent more money than you usually do, who is concerned about you and your financial well being? You might be surprised, but your bank is. Or, at least this is what a fake email wants you to think. It gives you a notice that a big amount was withdrawn from your account and advices you to follow a link where you could find out more about it, it you insert
your data.

The “we care about your opinion” routine

This one is sneaky. Because when you are a loyal customer to a brand, you have good or bad feedbacks regarding their services. So, if you get an email, in the behalf of a brand that asks you to give them your thoughts on some topic, you are inclined to follow the invitation. Of course before you speak your mind you have to fill some forms, so they identify you as their precious customer. It’s only natural? Or is it? Don’t they know who you are already, if they wrote to you?

How to stay safe from phishing?

Let’s see. We know, so far, that phishing is a hacking technique that tries to convince you to click on a corrupted or fake link. Let’s say you get an email from a website you previously visited and you trust. Like from your bank. The difference is that the link you access, although doesn’t seem suspicious, is a malicious copy of the actual site. Well, if you write your password to log in, or even better you write you financial information like your credit card details, we are sorry for you but you’ve just been hacked and your data was stolen. Unless you pay attention to some details that will help you protect yourself from phishing attacks. Here’s what you should do to prevent phishing:

Be a grammar Nazi

Phishing attempts are made in all languages, but the automatic translation is often poorly made. So, read the text in the email before you click the link. If you find any mistakes, stay away from it. Just think that a serious brand wouldn’t allow this type of errors in their message to customers.

Don’t be a pen pal with your bank

Banks will never ask you your personal or financial data through a mail request. Now that you now this you won’t let yourself tricked by false questionnaires, or random forms you need to fill out.

Remain calm when emails try to panic you

It’s a common phishing trick to use words as urgent or to induce a sentiment of panic with phrases like “your account has been suspended”. No sane brand, either their domain activity, will talk to you like that. If it’s scary it’s bait, so stay away from it. If you are worried that the bad news might be true, write your own email to the actual senders, and ask them about the topic in question. But don’t push replay, or copy the address from the mail you’ve just received. Do it manually, from your own data base.

Keep preventive software up to date

An antivirus might be a good line of defense, if some malicious software gets by your vigilance. So keep it up to date in order to be efficient in phishing protection business.

Look at the website’s URL

Malicious websites may look very similar with the authentic sites but the URL will very likely use a different URL. For instance .net or .org instead of .com. So, in order to prevent phishing attack in this case you have to look, not only at the name of the sender, as it appears in your email box, but also at the address that was used to send the email.

The best phishing protection is common sense

It’s true. A rational approach if it happens to interact with these scams is the best phishing protection. We say that, because, regardless of the form they take, they all try to trick you by appealing to your lack of attention or your trusting nature. But, now that you are well informed regarding what is phishing and how a phishing attack works it’s easier for you to spot them and stay away from them. Just remember that anything that it’s almost too good to be true, on the Internet it probably isn’t neither good nor true, and that you should double check anything that seems even remotely suspicious. Stay safe.