Understand Phishing to Combat "Phishermen" & Shield Yourself
Phishing is a process where cyber criminals use various methods to “hook” unsuspecting victims to click on malicious links or to reveal personal data. Just in case you are still struggling to pronounce it, the word “Phishing” has the exact same pronunciation as “Fishing”; what you do when you hide a hook under bait and toss it into a pool awaiting unsuspecting fishes to bite.
Similar to fishing, cyber criminals often dangle a bait to lure ignorant internet users to click on links so as to harvest personal information with or without permission. There are in fact several methods of phishing; the best way to prevent them is to be able to recognize them. Here are the common ones.
Learn from the Best
Jump To Section
Spoof Sites
As the name suggests, “spoofing” or creating fake websites that look exactly like the original ones familiar with the regular joe. However, little do unsuspecting explorers know, some fake websites are built to collect user data like logins and passwords for cyber criminals to login in again after you log out.
>> Before you punch in any password, check to ensure that you are indeed on the right page and not a fake one by checking the URL. Especially for bank pages, payment gateways, shared drives and even email login pages.
Earn As You Learn
Earn 25% commission when your network purchase Uplyrn courses or subscribe to our annual membership. It’s the best thing ever. Next to learning, of course.
Email with Malware / Spyware
This is the most common form of phishing where the “evil phishermen” cast a big net by means of sending several emails (probably from crawling robots or stolen) with attachments loaded with Spyware, Malware or Trojan Horses.
>> First, do not click links from strangers or unknown sources. And if you are extremely curious what’s behind it especially when it came from a super compelling EDA or ex-lover, then be extremely sure the link goes to a legit site. It is still recommended you DO NOT open any strange links unless you are ready to handle unfounded surprises…
Fake Email
It is uncommon to receive emails from cyber criminals who send emails with strange content that contain a strange weblink or an innocent looking attachment with a weird file name. These are fairly outdated methods and the more updated cyber criminals could send emails that can look almost identical to that of your regular telco, utility company, government office like the tax office or manpower authority. The uncanny resemblance fool many “unsuspecting fishes” who get phished!
>> Check the actual email address of the sender by right clicking on the name (may vary for different OS or platforms, but you get the idea?) and ensure that the email contents match that of the sender whom you might know. A friend of mine received an email from a “supplier” claiming that they have changed their bank account and requested that he transferred the payment for an invoice IDENTICAL to a REAL and OUTSTANDING invoice that my friend owed to the supplier. A good way to verify and avoid fake emails is to make a call to verify before clicking any link or opening any crazy looking attachment.
Spear Phishing
Spear Phishing is use of email or other electrical communication mediums to target a specific individual, group of people, organisations or business. Typically intended to steal data but may also attempt to install malware on the victim.
>> Perhaps the best way to avoid this is to understand the risk profile of yourself. Are you an individual that hackers will want to hack? Do you at your position at work have special access to some privileged information or perhaps you are a high net worth individual. Ah, but hackers could also target anyone who has a credit card…
Having strong firewalls and hardened firewalls and other cyber security tools can help to prevent attacks from hackers and brutes force attacks. However, there is no substitute to being careful and not clicking on malicious links that can lead to dire consequences.
You can check out my online course here.
Leave your thoughts here...
All Comments
Reply