The kind of modern technological advancements today brings much information leaving your digital footprints online. As the data increases online, sophisticated forms of cyber-attack are widespread around the world.
Phishing is a method of gathering personal information using false email and deceptive websites.
The latest attacks continue to play a dominant role take a look for example, “Verizon Enterprise found that phishing was the second topmost threat action variety in security incidents and the topmost threat action variety in data breaches. It, therefore, comes as no surprise that more than a fifth (22%) of data breaches analyzed by Verizon Enterprise’s researchers involved phishing in some way. Tripwire”.
This information can be used to create believable emails and will be forwarded to the victims. The attacks come on social networks asking you to click the attached link. In your email, they will send you a message asking to change your password or update your credit card information.
Actually for those, none tech-savvy, phishing messages are difficult to know if it is real or fake. Those messages come with big company names, embed logos, and other collected data posted on a dummy website.
- They will create a legitimate cloned website.
- The login page is pointing to other linkages capturing your credentials to different sources like text files. Or the phishing script uploaded to the hacked website.
- Emails are sent to the targeted victims.
- The link provided in the email asking you to log in.
Phishing messages often tell a story to trick you like:
- They notice suspicious activity logins.
- Issues in your account or payment.
- Confirmation of personal information.
- Included fake invoice attachments.
- Click a link to make a payment.
- Say you are eligible to register.
- Coupon offerings or something freebies.
How to avoid being scammed?
- Do not post personal data online like birthday, vacation plans, addresses, or phone numbers publicly on social media.
- Check the website link if it is legit or not. (example; “gmail.com” is not equal to “gmail.abcdefg.com”, this is hosted from a different domain not under Google domains. )
- Verify site security by checking the URL, and make sure that the website begins with “https” with a closed lock icon near the address bar.
- Check your online accounts regularly and get a habit to change your password too.
- Keep your web browser up to date and use safe browsing features.
- Always be careful about pop-ups it may contain scripts that are harmful to your computer.
- Do not install unknown software on your computer.
- Install updated Antivirus Software for your protection.
- Keep updated security patches on your computer.
If you get an email asking you to click a link or open an attachment, think this.
Do I have an account with the company or know the person? If none, it could be a phishing scam, and so delete and block the sender.
Security awareness training can reduce the risk of a cyber-attack.
Think before you click.
Technopreneur. Foodie. Traveler. A Mozilla Representative in the Philippines particularly interested in earth science, cybersecurity, cloud services, market research, data visualization, and analytics.