With more and more people online, the chances of being attacked by malicious people also skyrocket. In fact, phishing attacks are the order of the day and even the most attentive people can “fall” into this problem.
As a report from the Anti-Phishing Working Group (APWG) revealed, there has been a notable increase in these attacks and, therefore, it is something we need to be aware of because they will not stop being there any moment.
So what are the factors to watch out for to prevent your data from being stolen? We thought we would include 5 steps in the guide you are about to read.
What is phishing?
Simply put, phishing refers to an attempt by cybercriminals to persuade users to hand over personal and sensitive information to them without their knowledge. It can happen in many ways and has been around for many years in various forms.
Cybercriminals generally implemented phishing attacks after they made the breach. For example, Ebay users were notified of a password change, only to be directed to another website to collect their details.
Some security professionals believe that many cybercriminals use phishing to effectively attack the company. In these cases, the human being is the weak link in the chain and the one most tempted to fall into error.
1. Be careful
In simple advice to reduce the chance of falling into a phishing attempt is simply the following: be careful. Therefore, our suggestion is to avoid clicking on links, downloading files or opening attachments in emails or on social media. Even if it appears to come from a reliable source.
You should never click on links in an email to a website unless you are absolutely sure it is genuine content. If in doubt, you should open a new browser window and type the URL in the address bar. Also, be wary of any emails that ask for personal details or banking information. If you want to hide your browsing from users and protect your Internet connection, use a free VPN to hide your IP.
2. Watch out for short links
While browsing, you should pay particular attention to all shortened links. You need to know that cybercriminals often use Bitly to trick you into thinking that you are clicking on a secure link.
You should always hover over a web link in an email to see if you have actually been sent to the correct website, ie “what appears in the text of the email” is the same as “what you see when it passes mouse over “. This is because attackers use fake sites to steal your personal data or to carry out an attack by infesting your device with malware.
3. Does the email look suspicious? Read it again
A lot of phishing emails are recognizable as they have typos, capitalized words or exclamation marks. They can also start with an impersonal greeting, etc.
Many cybercriminals make these mistakes in emails, sometimes even intentionally to bypass spam filters.
4. Be wary of urgent deadlines
It may happen that a respectable company requires users to take an action with a certain type of urgency. For example, in 2014 Ebay asked all of its users to change their password after a data breach. However, this is often an exception to the rule as threats and urgency, especially from companies that are believed to be fair, can be a real phishing signal.
The content of these emails may include notices regarding a fine or advice to take action to prevent a certain consequence. Ignore these attempts by companies unless you realize that indeed the company the email is talking about.
5. Browse securely with HTTPs
You should always, wherever possible, use a secure website (indicated by https: // and a “padlock” security icon in your browser’s address bar) to browse, and especially when submitting sensitive information online, such as card details of credit.
You should never use unsecured public Wi-Fi for banking, shopping, or entering personal information online (convenience shouldn’t override security). If in doubt, use your mobile’s 3 / 4G or LTE connection.
Incidentally, it should be easier to spot insecure and unsafe websites – Google, for example, is trying to better understand this by labeling sites that don’t offer adequate protection.
Start a new Thread