How to detect and avoid phishing attacks
Phishing is a technique used by cyber criminals who try to steal your information by pretending to be someone you trust. for example, you may receive an email that seems to have been sent by your bank asking for your account details, but in reality would have been sent by a phishing expert or hacker . even though the email seems very real, it is actually sent by a cyber criminal and is an attempt to steal your account password. phishing attacks have become even more dangerous and sophisticated today, since they accurately replicate the legitimate trusted source. for example, they will have the real logo, will use the same font and will seem to come from a real email address . typically phishing attacks can be in the following forms.
1. Account upgrade, system maintenance, software crash or some other mundane reason.
2. SMS text message that seems as if your bank or relative or friend is trying to get in touch with you.
3. Instant message asking for you for confidential details about some online account
4. private message on Facebook containing a link that may take you to a page that looks like a log-in screen that steals your password
there are some simple things that you can keep in mind in order to avoid becoming the victim of a phishing attack.
1. your bank or credit card company will under no circumstances ask for your password. really.it will never happen.
2. If the email you have received contains a link, do not blindly click on the link , since it could potentially lead you to a fake log in screen or a malicious website, or execute some other type of a phishing attack. before clicking on a link, you can find out where it is going to take you by holding your mouse over it for few seconds and looking at the status bar of your browser.
3. you may receive an email that contains a link that looks very authentic. even if you hover your mouse over it. it may seem like the link to a legitimate, trustworthy website . take a look at the following web address firstname.lastname@example.org . At first glance this may look like a page on the website of ICICI bank. but in reality it will take you to a completely different address which begins separately after the @sign . please do not click on any link in these emails, no matter how genuine and trustworthy it might seem.
4. Most popular browsers (like Google chrome, Mozilla Firefox, and Internet explorer) maintain a list of known phishing websites in their database and warn you whenever you are about to visit any phishing website that appears in their database.
5. Make sure that you are on a genuine website by carefully reading the URL address bar. watch out for websites with spellings that are similar to the actual website . typically, only trustworthy websites will use ‘https’ and phishing websites normally use ‘http’.
6. if you receive a link and not sure weather it is safe to click on it or not, you can check weather it has been reported as a suspected phishing website by submitting it to a site called phistank(phistank.com). this website maintains a comprehensive list of known phishing websites and providers a quick wait to check whether a website appears in that list or not. if your link appears in their database, it is a bad idea to click on it.