How to Prevent Phishing Attacks
What’s a phishing attack?
Today, let’s dig into a very important topic and find out its secrets and how to protect ourselves. I’m going to talk about how to prevent phishing attacks, and I will also explain what phishing is.
What Is a Phishing Attack?
Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, and credit card details, by disguising oneself as a trustworthy entity in electronic communication. It is typically carried out by email spoofing, instant messaging, and text messaging. Phishing often directs users to enter personal information at a fake website that matches the look and feel of the legitimate site.
To simplify this, let’s say I want to steal your social information or your credit card number. How would I do that? I’d have to steal it physically, or I would deceive you into giving me this information voluntarily. I might sell you something, give you a false alarm about your bank account, anything really.
Techniques of Phishing Attacks
There are many techniques; hackers also use SMS messages and phone calls. In this article, we’ll focus on email phishing because it’s the most common and easiest way to get scammed.
PayPal email got suspended
The first common technique is an email that says that my PayPal email got suspended. The title would be something like this: “Your account has been suspended (Ref – 99586109144)”.
The email itself looks very, very persuasive. I remember the first time I saw this email: I had a panic attack and started screaming, “Oh no, God, no.” But then, after I clicked on the link, I figured out that it’s a scam. By the end of this article, I’ll tell you how you can differentiate between legitimate emails and scams.
The email would look like this
Re: Your recent purchase from app store
“Re: Your recent purchase from app store”. You might see this one in your inbox and start saying to yourself, “I did not make this transaction. How?! It looks like I might be in trouble.”
The truth is that the purpose of this type of technique is to make you feel anxious, freeze your reasonable thinking, and make you think that you got scammed.
In this type of email, you would probably get a link or a PDF file. Either one is very harmful. If you click on the link, you will be redirected to a page where you will be asked to enter sensitive information like your birthday, address, and credit card information.
If you got the PDF file and downloaded it, then congratulations: you have infected yourself with a virus that might steal all your information, passwords, and emails. You name it!
Sometimes it might be ransomware that would encrypt your files and ask for a ransom to decrypt them.
This is what the email may look like
Re: Your name
Adult attribute, “Re: Your name”
The easiest way to trick any guy is to play on his most basic instinct, which is sex.
Most people tend to be happier when they feel that they are desired by others, no matter their sexual orientation, their age, or whether they are in a relationship or not. It’s just something you can’t resist.
So, sometimes I get an email like “Amr, this is your lady Morning”, just like that, nothing more.
The first thing that any man would think is “Oh, finally I got my lady, HOORAY”. He would probably reply to the email and say something like “I’m your man, my lady” or any other stupid phrase; all he’s thinking about is sex.
When I was working as a security engineer, I had a case involving a man from a wealthy family. He was an accountant in a very reputable bank, and he met a girl on Facebook. They started to have a cam show; the girl was a supermodel. She recorded him while he was naked, doing inappropriate things. Then, after she had enough recorded material, he got a call from Morocco from a guy asking him for 5,000 USD or he would publish his videos on adult websites.
He was crying because he might lose everything. I advised him not to send him any money. He has to live with it, because no matter how much money he sends, this criminal would always have leverage over him.
This is a truly sad story, and it happens every day. So, you might think twice before starting any online relationships.
This is what the email looks like
How to differentiate between an authentic email and a bad one
The first thing is to look at the sender’s address. Most of the time it will look like a fake address: a large amount of numbers, a gibberish address. It might even look like [email protected] or something like that.
Always look at the email address: does it look like an email coming from a good source?
Unfortunately, this is not always something you can count on. They might be using something called an email alias, which means the original email address would be one thing but it will look like something else on your end. So, be very careful.
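One way to automate the sender check described above, including the case where the name you see differs from the address that actually sent the mail. This is an added example, not part of the original article; the function names, the `expected_domains` set and the sample message are all constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email); reserved example domains only.
SAMPLE = """\
From: "PayPal Support <service@paypal.example>" <x9f3k2@mail-4471.example.net>
Reply-To: billing-team@other-host.example.org
Subject: Your account has been suspended (Ref - 99586109144)

Click the link to restore access.
"""

def domain_of(address):
    """Return the lower-cased domain of an address, or '' if there is none."""
    return address.rpartition("@")[2].lower() if "@" in address else ""

def sender_warnings(raw_message, expected_domains):
    """List reasons the visible sender may not be the real one."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(addr)
    warnings = []
    # 1. The real sending address is not on a domain the brand uses.
    if from_domain not in expected_domains:
        warnings.append(f"From domain '{from_domain}' is not an expected domain")
    # 2. The display name embeds a different address than the real one.
    _, shown = parseaddr(display)
    if "@" in shown and domain_of(shown) != from_domain:
        warnings.append(f"display name shows '{shown}' but real address is '{addr}'")
    # 3. Replies would go to a different domain than the sender's.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != from_domain:
        warnings.append(f"Reply-To domain '{domain_of(reply_to)}' differs from From domain")
    # 4. Local part is at least half digits (the 'gibberish address' pattern).
    local = addr.partition("@")[0]
    if local and sum(c.isdigit() for c in local) >= len(local) / 2:
        warnings.append(f"local part '{local}' is at least half digits")
    return warnings

if __name__ == "__main__":
    for warning in sender_warnings(SAMPLE, {"paypal.example"}):
        print("WARNING:", warning)
```

A message with no warnings is not proven authentic; the checks only catch the visible mismatches discussed in this section.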
How to Prevent Phishing Attacks
- Use a powerful antivirus. I personally use Kaspersky Internet Security.
- Look at the sender’s email address for anything suspicious; authentic emails would always come from “[email protected]”.
- Don’t open or download an attachment unless you have scanned it first.
- Don’t accept any requests from strangers; unless you know them well, don’t trust them.
- You shouldn’t get scared easily, because hackers always play on fear or your most basic instincts. If you get an email that says your account has been suspended, tell yourself: so what?!
- Don’t open any links without having a very powerful antivirus.
Other techniques on How to Prevent Phishing Attacks
Sometimes you might get a message from a friend, whether by email or on Facebook, asking you for a code that was sent to your mobile. He might tell you that you have to give it to him because your naked pictures will spread on the internet if you don’t give him the code.
What you don’t know is that your friend’s account was hacked, and the one talking to you is the hacker, who is trying to hack your account too. Once you feel scared and give him the code, you will be handing him your account on a golden plate, so don’t.
Summary on How to Prevent Phishing Attacks
- Don’t get scared; there’s nothing that’s worth it.
- Don’t open any links from strangers.
- If you ever find yourself on a page that asks for your email, passwords, credit card information, birthday, or any other information, check the URL carefully and verify the website.
- If you ever suspect the URL, treat it as a scam until you are completely sure it’s safe.
- Some websites might ask for your mobile number and then ask for an OTP code that you would receive by SMS. Be careful with these pages because many of them will charge you. (This is different from the 2FA authentication that is used to enhance security.)
- Use an antivirus.
- Don’t download files from unknown addresses.
- If you get a file from a known source, scan it first with a powerful antivirus.
That’s all for today. If you like it, share it with your friends.