PC TRICKS | COMPUTER TRICKS: Avoid Phishing

Hacking Tricks Ethical Hacking

Phishing

is a form of social engineering technique used by

hackers

to gather sensitive information such as usernames, passwords and credit card details by posing as a trustworty person/organization. Since most online users are unaware of the techniques used in carrying out a

Phishing

attack, they often fall victims and hence,

Phishing

can be very effective.

With the dramatic increase in the number of

Phishing

scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Phishing

scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter thier personal information. Here are some of the tips that can be used to identify various

Phishing

techniques and stay away from it.

Identifying a
Phishing
Scam

1. Beware of emails that demand for an urgent response from your side. Some of the examples are:

You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanant suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed webpage (similar to your bank website) and enter your login details over there.
In some cases,
Phishing
emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.

Phishing

emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some

Phishing

emails can be an exception to this rule.

3. When you click on the links contained in a

Phishing

email, you will most likely be taken to a spoofed webpage with official logos and information that looks exactly same as that of the original webpages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a

Phishing

website may use different addresses such as:

papyal.com
paypal.org
verify-paypal.com
xyz.com/paypal/verify-account/

Tips to Avoid Being a Victim of
Phishing

1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.

2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.

3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as usernames and passwords, account numbers or credic card details. You will see a lock icon Picture of the Lock icon

in your browser’s address bar which indicates a secure connection. On some websites like paypal.com which uses an extended validation certificate, the address bar turns GREEN as shown below.

In most cases, unlike a legitimate website, a

Phishing

website or a spoofed webpage will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of

Phishing

attack. Always double-check the security features of the webpage before entering any of your personal information.

4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.

5. Report a “