Bartek
Phishing – what is it and how not to get tricked?
Have you received a suspicious email? Not sure how to recognise phishing? Find out what to look out for so you don’t get scammed!
The internet has become part of our daily routine and of our digital identity. Nothing on the web is ever totally lost – browsing history, conversations and bank account credentials are important not only to us, but also to hackers. How can you avoid getting caught in a phishing scam and protect your sensitive data?
What is phishing and where does it come from?
Phishing is a type of online scam that involves stealing personal data, including credit card numbers, passwords, bank account data or other confidential information. Phishing is one of the easiest, most effective and most dangerous types of cyber attack. There are many forms of phishing, but what they all have in common is obtaining the user’s valuable information under false pretences.
How to recognise phishing?
Perhaps one of the most popular phishing attacks is to create a copy of a real email that was previously delivered to the user. To make the attack even more effective, the scammer pretends to represent widely recognised institutions and companies, such as offices, banks, courier companies or auction platforms. The fake email has an attachment or a link redirecting to a fake website that looks remarkably like the authentic page of the given company. When the user logs in to their account there, the criminals obtain the credentials.
When we download an attachment from the fake email, our device will be infected with infostealer software, which steals data from social media, bank and email accounts. By opening such a file, we can also allow criminals to take remote control of our computer.
Despite appearances, phishing can be recognised easily if we are careful. The emails usually contain stylistic or spelling mistakes, which result from poor translation into Polish. They are written so that they can scam anyone they reach – the phisher doesn’t have a specific name and surname to address. Moreover, scammers often use URLs that look deceptively like those of a legitimate company. They can consist of the original address with extra letters or changed words, e.g. “www.bankname.pl/log” instead of “www.bankname.pl/login”.
How to protect yourself from phishing?
The first line of defence against phishing is spam filtering. An anti-spam filter blocks a message before it even reaches your inbox. When we get a suspicious email, e.g. one about our bank account, it’s better not to click on the links or open the attachments, but to type the website address manually into the browser. Spelling mistakes in the URL or in the message content are equally suspicious – e.g. “0” used instead of the letter “O”. It is also worth updating your browser regularly and using appropriate security measures.
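The URL checks described above (extra letters, a changed page name, “0” in place of “O”), written as an added Python example that is not part of the original article. The allow-list entries, the post-office.example address and the distance threshold of 2 are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list: the article's placeholder bank address plus one
# made-up courier address (assumption, not from the article).
TRUSTED_URLS = ["https://www.bankname.pl/login",
                "https://www.post-office.example/track"]

# Digits that are commonly swapped in for look-alike letters.
CONFUSABLES = str.maketrans({"0": "o", "1": "l"})


def skeleton(host):
    """Fold look-alike digits into letters so swapped characters compare equal."""
    return host.lower().translate(CONFUSABLES)


def edit_distance(a, b):
    """Levenshtein distance: inserted, deleted or changed characters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def split_url(url):
    """Return (host, path) for a link, with or without a scheme."""
    if "://" not in url:
        url = "https://" + url
    parts = urlsplit(url)
    return (parts.hostname or "").lower(), parts.path.rstrip("/") or "/"


def classify(url, trusted=TRUSTED_URLS):
    """Compare a link from an email with the known-good addresses."""
    host, path = split_url(url)
    known = [split_url(t) for t in trusted]
    if (host, path) in known:
        return "trusted"
    if any(host == h for h, _ in known):
        return "unexpected-path"   # right site, but not the known page
    for h, _ in known:
        # Same name after folding digits, or only a letter or two apart.
        if skeleton(host) == skeleton(h) or edit_distance(host, h) <= 2:
            return "lookalike-host"
    return "unknown"
```

A "lookalike-host" result means the address is close to, but not the same as, a known one, which is the pattern to treat as suspicious; "unknown" only means the address is not on the list.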
Emails vs push notifications
As long as we keep a cool head, we need not be afraid of becoming phishing victims. Email is a very good channel for communication between a business and its clients. Push notifications are an alternative to email. In this case there is no need to provide an email address, name or phone number. Push notifications are one of the safest ways to receive customised information from favourite websites or blogs. The user’s willingness to join the subscriber base is confirmed not by email, but directly in the browser.