What is phishing?
Phishing is a widespread form of cyber fraud aimed to trick a user into giving away sensitive information or to compromise a computer. A phishing scam involves sending a fraudulent email that appears to be from a secure source, such as a bank or other institution that may have relations with the recipient. The email often contains an urgent notice, a link and an attached file. If the recipient follows the link or opens the file, the scammer may acquire an access to his/her computer or may ask for additional sensitive data (password, username, card data and so on). Fraudulent letters are normally sent in bursts, to as many recipients as possible, which increases the chances of success.
How to protect yourself from phishing?
First of all, we should understand that some time any of us may become a target of phishing. Phishing attack is more likely to be successful if a potential victim's personal data are exposed (place of work, servicing bank, favourite shops, place of residence, areas of interest, etc.). Once you realize you may fall victim to a phishing scheme, make sure you observe the following:
- Do not enter your personal data to suspicious websites
- When entering your personal data – such as card data – to a website, always make sure the site bears a trust seal. A secure website URL starts with https:// and features a padlock
- Refrain as much as possible from sharing information on social networking sites, including Facebook, and other internet resources that may overexpose you to other users. The more personal data become publicly available, the more vulnerable you become to cybercriminals
- If you receive an email that asks you to follow a link or open an attached file, verify the email. If the sender appears to be your acquaintance or a familiar institution, check their contact details
- Do not trust mails that ask you to enter your personal data or banking details. A bank will never ask to provide sensitive information via email
- Check the website address. Remember that a fake website address may closely resemble the real one. Only one or several characters may be different
- Make sure you always use antivirus software
- Do not click on the link; copy it from the mail and paste to your web browser
- Hover your mouse pointer over the link to reveal its true destination
- If the sender is your acquaintance, this does not necessarily mean the letter is secure. Your acquaintance's computer may have been compromised and used for sending malicious letters.
- Do not trust urgent notices that require immediate actions. A call for urgent actions normally indicates that you are dealing with a cybercriminal
- Read the mail. If it looks unprofessional or contains errors, the sender may be a cybercriminal
Please remember that a phisher will try to trick you by adopting an image that is familiar to you. Therefore, check everything you find suspicious. This is the only way to minimize the risks.