Everything you need to know about phishing

Phishing

!! Click here to discover our new eBook about Phishing. Free for the first 50! Limited time only !!
You were tempted to click, weren’t you? You shouldn’t feel bad because a lot of people fall into such traps. I offered you something valuable, free, but for a limited time. Cybercriminals are aware that it is easier to fool people than to break through security technology.
According to the FBI, phishing was the most common type of cybercrime in 2020, and phishing incidents nearly doubled in frequency, from 114,702 victims in 2019 to 241,324 victims in 2020.

So, what is phishing?

Phishing is a method of trying to gather personal information using deceptive e-mails or websites. What makes your data so valuable? Your data is considered a resource. A resource that helps them steal your money and/ or sell your data to advertisers.  As in fishing, the fish will be caught if the fisherman has good bait. There are several types of phishing: vishing (the telephone equivalent of phishing), whaling(a method to directly target important individuals within an organization), smishing(via text or SMS message), pop-up phishing, and so on.

Why people click?

People believe the sender is legitimate, so human error leads to the success of cyberattacks. Distraction is one of the main reasons people fall for phishing scams.  Imagine! You have a deadline, you are stressed to finish your task, and at the same time a colleague writes to you and asks for your help. Two minutes later, you receive an email: “We’ve updated our login credential policy, please confirm your account by logging into Google Docs.”. You click quickly, don’t waste time, enter your password. And ready, you were caught 😀 Distraction is quite a common occurrence for all the remote workers. More than half of remote workers today admit they are more distracted when working from home.

How can we avoid these attacks?

Be up to date with new techniques
New phishing scams are being developed all the time. The best protection against phishing is knowing how to spot it in the first place. Here  you can find some of the latest trends.
Verify the sender
Always verify the sender and the request is legitimate before taking any action. Don’t open attachments, click on links, and so on. No legitimate organisation will send emails from an address that ends ‘@gmail.com’. Most organisations, except some small ones, will have their own email domain and company accounts. If the domain name (the bit after the @ symbol) matches the apparent sender of the email, the message is probably legitimate.
Verify the links
A phishing email may claim to be from a legitimate company, and when you click the link to the website, it may look exactly like the real website. Never click any link without checking it out. You can hover over links to verify they are correct. Look for different changes in spelling, special characters, numbers in addition.  You can also verify links here: virustotal.com
Stop, think twice before you click!
If the email is urgent or trying to get you to act fast, stop and think about it. Who they are and what they want from you. Most phishing emails will start with “Dear Customer,” so you should be alert when you receive these emails.
Use Antivirus and Firewalls
Antiviruses scan files which come through the internet to your computer. It helps to prevent damage to your system, whether it’s a PC or a phone. If you make transactions or open emails from your phone, you have to be careful here as well. Firewalls provide protection against outside cyber attackers by shielding your computer or network from malicious or unnecessary network traffic.
Never give your personal information
We shouldn’t send personal data, such as a photo of our credit card or identity card. We should do this only if we have checked the above points and are 100% sure that is ok and necessary.
Don’t be swayed just because a correspondent seems to know a lot about you. These so-called “spear-phishing” attacks are a fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information.
You don’t have to wait to be attacked. You can train by taking this quiz or something similar.
Stay safe!

Post written by

Noemi Pongracz
Read more 24 posts
We know Noemi from college, where she caught our attention with an interesting presentation about her project. From that moment, we knew she had to be part of our team, and now she is responsible for everything visual.
Linkedin
Tags

, ,

Categories

Security

Comments (0)
Join the discussion
Read them all
 

Comment

1 × 2 =

Hide Comments
Back

This is a unique website which will require a more modern browser to work!

Please upgrade today!

Share