What are scam emails and how to recognize them? With these tips, you should have no trouble protecting yourself from any kind of phishing attack. As a report from the Anti-Phishing Working Group (APWG) revealed earlier this year, there was a significant increase in phishing attacks. It is a widespread problem, which involves a huge risk for individuals and organizations (for example, there were more attacks in the first quarter of 2019 than in any other quarter of history).
Needless to say, it’s something we all need to be aware of, as these types of attacks won’t disappear soon (never). But don’t worry, as our guide will help you keep these criminals at bay.
Insight: How to block Phishing without installing any program
Before going into it, here is a brief overview of what phishing is. In short, cybercriminals or phishers, not only try to steal the identity of anonymous people but also take advantage of the dismissal of employees to obtain confidential information from any company. It is interesting to note that phishing – in one way or another – has existed for years through telephone calls and scams even with physical letters.
Some security professionals now believe that cybercriminals consider phishing attacks an effective (and easy) way to get into a company and launch more sophisticated attacks. After all, humans are increasingly seen as the weakest link and therefore the most effective target for criminals seeking to infiltrate a business or SME.
Follow the suggestions below and keep better protection against phishing attacks.
Are you interested? Two words on the security of computers connected to the network
1. Be sensitive when it comes to phishing attacks
You can significantly reduce the chance of being a victim of phishing attacks with sensitivity and intelligence as you browse online and check your emails.
For example, as Bruce Burrell of ESET recommends, never click on links, download files or open attachments in emails (or social media), even if they appear to come from a known and trusted source.
You should never click on links in an email to a website unless you are absolutely sure that it is genuine. In case of doubt, it is necessary to open a new browser window and type the URL in the address bar.
Be wary of emails that require confidential information, especially if you request personal data or bank information. Official organizations, including your bank, in particular, will never request sensitive information via e-mail.
So what to do … to keep your online bank account safe
2. Pay attention to shortened links
You should lend particular attention to shortened links, especially on social media. Cybercriminals often use these – from Bitly and other abbreviation services – to make you think you’re clicking on a regular link when in reality you’re about to be inadvertently directed to a fake site.
You should always place the mouse on a web link in an email to see if the right website is actually sent to you, or “what appears in the email text” is the same as “what you see when you pass the mouse “.
Cybercriminals can use these “fake” sites to steal personal data or execute a drive-by-download attack, thus infesting your device with malware.
3. Does that email seem suspicious? Read it again
Many e-mail phishing they are quite obvious. They will surely have many typos, uppercase words, and exclamation marks. They could also have an impersonal greeting – think of those greetings “Dear Customer” or “Dear Sir / Madam” or present implausible and generally surprising content.
Cybercriminals often make mistakes in these e-mails … sometimes even intentionally to overcome spam filters, improve responses and eliminate “smart” recipients who will immediately realize that it is a scam.
4. Be wary of threats and urgent deadlines
Sometimes a reliable company needs you to do something urgently. For example, in 2018, eBay asked its customers to quickly change their passwords later data breach.
However, this is an exception to the rule; usually, the threats and the urgency – especially if they come from what they say, from legitimate companies – they are a sign of phishing.
Some of these threats may include warnings about a penalty or advise you to do something to prevent the closure of your account. Ignore terror tactics and contact the company separately via a known and trusted channel.
5. Surf safely with HTTPs
You should always, where possible, use a secure website (indicated by https: // and a security “lock” icon in the browser address bar) to browse, and especially when you send sensitive information online, such as data from your credit card.
Never use unsecured public Wi-Fi for banking, purchases or entering personal information online (the practicality must not exceed safety). If in doubt, use the 3 / 4G or LTE connection of the mobile phone.
Also read: Are you protected during your online banking operations?
Phishing remains the most widespread online counter and has long been a very effective method for scammers to steal people’s sensitive data. “One percent of emails sent today are phishing attempts,” according to Jigsaw data.
In fact, many incidents start with a user who simply clicks on a malicious link or opens a dangerous attachment that is commonly provided by e-mail or social media.
Although e-mail filters do a good job of recognizing many of these scam attempts, some fraudulent e-mails will continue to pass. This is where phishing-spotting skills can be critical, as is anti-phishing protection which is commonly part of reliable security software.
I advise you to enable two-factor authentication (2FA) where possible, if you have not already done so.
The additional factor offers a valuable additional level of protection in exchange for minimal effort. It is better implemented through a dedicated hardware device or delivered through an authentication app, rather than via text messages (although SMS is still better than nothing).