phishing a technique used by cyber criminal who try steal your confidential info by pretending to be someone you trust.For example, you may receive an email that seems to have been sent by your bank asking for your account details,but in reality would have been sent by a phishing expert. Even though the email seems very real,it is actually sent by a criminalize and is an attempt to steal your account password .phishing attacks have become even more dangerous and sophisticated today, since they accurately replicate the legitimate trusted source font and will seem to come from a real email address .Typically phishing attack can be in the following form :
1) Account upgrade, System maintenance ,software crash or some other mundane reason
2) SMS text message that seems as if your bank or relative or friend is trying to get in touch with you
3) Instant message asking you for confidential details about some online account
4) private message on Facebook containing a link that may take you to a page that looks like a long-in screen for facebook ,but actually is a fake log-in screen that steals your password
There are some Simple Things that you can keep in mind in order to avoid becoming the victim of phishing Attack :
1) Your bank or credit card company will under no circumstances ask for your password .Really .it will never happen
2) if the email you have received contains a link , do not blindly click on the link ,since it could potentially lead you to fake log-in screen or a malicious website ,or execute some other type of phishing attack .Before clicking on link ,your can find out where it is going to tack you by holding your mouse over it for a few seconds and looking at the status bar of your browser
3) you may receive an email that contains a like that look very authentic Even if you hover mouse over it may like the link to a legitimate ,trustworthy website .Take a look at the following web address -
http://www.icicibank.com@www.xyz.123$.com .At first glance this may look like a page on the website of ICICI Bank , but in reality it will take you to a completely different address which begins Separately after the @sing. such Simple URL obfuscation trick are commonly used by cyber criminal to fool unsuspecting victims. Please do not click on any link in these email,no matter how genuine and trustworthy it might seem.
4) Even if a link seems safe ,if it was sent to your from a dubious source ,you should avoid using it log in to any of your account .whenever you want to long in to any of your accounts. whenever you want to log in to any online account ( email,bank ,social networking site or other ) , always open the browser in new window,type the website address and then type the username and password to log in ..
5) Always check for 'http' in The URL address bar of your browser , before you enter any Confidential details on website .Typically, only trustworthy website will use 'http' and Phishing websites normally use 'http'
6) Make sure that you are on a genuine website by carefully reading the URL address bar .Watching out for website with spelling that are similar to the actul website .For Example ,make sure you are not on 'Online.citibenk.com' Instead ' online.citibank ' .Cyber criminal are know to register website domain names with a spelling similar to a trusted website.
7) A simple way to differentiate between a real email and a phishing email is to carefully look for your full name mentioned somewhere in the email.Usually , a cyber criminal will not know your full name and will instead use a use a generic salutation ( like 'Sir ' or your email address ) to address you.if you don,t find your full name or some other unique identifier ( credit card number ,bank account number and other ) mentioned anywhere in the email ,then you should be suspicious.
8) Another telltale sign to look out for is the fact that a phishing attack email will usually have a number of spelling or grammatical error
9) Most popular browser (like Google Crome ,Mozilla FireFox and internet Explorer ) maintain a list of know phishing website in their database and warn you whenever you are about to visit ant phishing website that appears in their databse.
10) if you receive a link and are not sure whether it is safe to click on it or not , you can check whether it has been reported as a suspected phishing website by submitting in to a site called PhishTank (www.phishtank.com) .This website maintains a comprehensive list of know phishing website and provides a quick way to check whether a website appears in that list or not if you link appears in their database ,it is bad idea to click on it .
Phishtank |
12.) There are commercial anti -phishing software tools available that provide yoy protection against phishing attack .for exmple, McAfree,s Site Advisor Live is a product that allows you to identify and protect yourself from risky websites. You can buy it Online from http://home.mcafee.com/store/siteadvisor-live.
13) most imp ,if you have never opened an account with a particular bank and they email you ,then it probably is a phishing attack.No matter how tempting their offer might be,do not click on any their links.
Note :- if you keep these simple tips in mind ,you won't have to worry about becoming a victim to phishing attack.
0 comments:
Post a Comment