Everything you need to know about phishing
Imagine it is your parents’ anniversary and you are away from home. You decide to send them a bouquet and a cake through one of the online stores you find on your Google search results. Once you select the flowers of your choice, you are direct to the payments page, where you enter your debit card details. The payment is successful, but a few days later you find that the entire amount in your account is debit by some unknown entity and you are shocked to know that you were a victim of cyber fraud.
Such scams happen on a day to day basis, wherein a cyber attacker tries to illicit your personal information online through fraudulent means. They do this through emails, social media, and fake websites. Certain emails which state that you have won a million dollars or random messages that don’t seem to make any sense are mostly fraudulent emails. They are sent with the motive of gathering your personal credit card details or to plant a virus on your system through which they can monitor every keystroke of yours.
Phishing is one of the most common ways through which online scamsters trick innocent web surfers. In this article, we will draw light on what phishing is and how you can protect yourself from being a victim of such vicious cyber criminals.
What is phishing?
Money Sense describes phishing as a way of obtaining sensitive personal information such as your account details, PIN, One Time Password, credit card number, user ID or password through the internet. Once cyber criminals have access to your personal information, they can use it to make unauthorised transactions. These days phishing is one of the easiest forms of cyber attack to carry out.
As mention above, it is usually carrying out through emails, social media, messaging apps, etc.
Types of phishing
Not that you should be doing a pHD in the subject but as consumers it is imperative that you are aware of the different types of phishing. The first type is regular phishing. In this type of attack, the scamster collectively targets a group of people. So a fraudulent email would be sent to multiple people blindly. Such mail usually has a link that is directed towards a webpage that appears to be of some service company, asking you for your personal details.
The second type of attack is calling ‘spear-phishing’. This is a more targeted version of the regular phishing attack. Here the cyber criminal will harvest information from social media websites and other such sites. A phisher may also target an organization if they know the domain and the user account naming convention, and generate names that follow that pattern in hopes that the attackers get a bite. Whaling is like spear phishing but targeted at upper management of an organization as an attempt to exfiltrate sensitive company data.
What should you watch out for?
Phishing attackers live by the words ‘looks are deceptive’. They resort to deceptive tactics to get victims to do what they want them to do. This could be by installing malware onto their system or by getting you to give your login details or your personal financial information. Ideally, you should be wary of emails from unknown sources. Be careful even while opening emails from your bank because many times, fraudsters mimic the brand and logo of your bank and pose as someone familiar to phish for your personal data. Any time you notice a badly written email with lots of spelling and grammatical mistakes be smart enough to avoid it.
Another way to detect phishing email is most of them tend to have shortened or really odd URLs or links. Many examples of phishing attacks will request you to click an official-looking URL. However, if you look closely you will find that while the text seems like the legitimate link, the actual web address is different.
You can also spot a phishing email when you see a strange or mismatched sender address. These emails look exactly like an official email. Quite often even the grammar is in place, but the only thing fishy will be the sender address which won’t match the original company’s email address. You also need to bewary of emails and messages that sound too good to be true. We covered the ‘Congratulations, you have won a million dollars’ above. There are many such emails, which make such tall claims only to fool you into giving in your sensitive personal information.
The only way to guard yourself from phishing is by being aware of how it is done. We hope the information above will help you watch out for suspicious emails and stay away from them. Also, you need to be careful of the information you post on your social media profiles as phishing attackers usually harvest their data from these sites.
Bugis Licensed Moneylender
Office address is 149 Rochor Road #01-07 Fu Lu Shou Complex Singapore 188425. Contact us at +65 6266 5422 to get information immediately.