PHISHING CAN BE AVOIDED

PHISHING CAN BE AVOIDED

Back in the teenage days, have you or one of your friends ever tried prank calling someone as a celebrity and they end up believing you? Now imagine if a criminal mind is placed in your position in a situation like this, to what extent he/she can go to acquire whatever information he needs to fulfill his malicious goals. This is the basic concept of phishing, pretending to be someone you know or trust or report to in an organization and then asking for sensitive and private information. Phishing is a crime and has to be dealt with serious measures and precautions.

The term phishing is born from the combinations of words Private and Fishing. The most common form of phishing in the today’s cyber era is Phishing Email. You might receive emails from email id’s that might look exactly like someone’s email id you know but they are actually not. In a recently reported case to Kloud 7, few key employees of the company were receiving an email from their boss’s email id asking for some sensitive information and requesting for urgent direct wire transfer from the accounts department. In this case if the boss’s actual email id was boss@company.com, they were receiving emails from boss@company.co. In first look there does not seem to be much difference in both the email addresses and in hurry we all can make mistakes we might later regret, but there are multiple ways to deal with this problem. There are various examples on how phishing emails might look like. Let’s see how to avoid this problem and what precautions we can take to stay safe from such criminal activities.

 

Phishing

 

URGENT ACTION REQUIRED. Impostors often comprise urgent “calls to action” to try to get you to respond straightway on impulse. Be suspicious of emails comprising phrases like “your account has been compromised,” “urgent action required,” “your account will be closed.” The hoaxer is taking benefit of your concern to trick you into providing sensitive and confidential information.

FAKE WEB SITE LINK. To lure you in to the trap so you disclose your login credentials, fraudsters sometimes include a link to a sham web site that looks like (occasionally exactly like) the sign-in page of a genuine website. Only because a website has a genuine company’s logo or seems like the real website doesn’t mean it actually is. Logos and the appearance of legitimate websites are easy to copy. Beware of following n you emails:

Links comprising an official company name, but in the wrong location. For example: “https://www.yahoo.com is a fake address that doesn’t go to a real Yahoo! web site. A real Yahoo! web address has a forward slash (“/”) after “yahoo.com” — for example, “https://www.yahoo.com/” or “https://login.yahoo.com/.”

UNOFFICIAL “FROM” ADDRESS. Look out for a sender’s email address that is similar to, but not the same as, a company’s official email address. Fraudsters often sign up for free email accounts with company names in them (such as “ysmallbusiness@yahoo.com”). These email addresses are meant to fool you. Official email from Yahoo! always comes from a “@yahoo-inc.com” email address.

FAKE LINKS CAMOUFLAGED WITHIN LEGITIMATE LINKS OR VICE VERSA. Impostors occasionally include legitimate links in their fake pages, such as to the terms of service pages and genuine privacy policy for the website they’re impersonating. These legitimate links are mixed in with links to a fake phishing website just to make the spoof site seem more genuine.

GENERIC GREETING. Fraudsters often send out hundreds or thousands of phishing emails in a single go. Their target list might have your email address too, but they rarely have your name. Be doubtful of an email sent with a generic greeting such as “Dear Member” or “Dear Customer”.

 

Although there are precautions, but somehow we all can slip up and fall for the trap. It’s always wise to stay on top of your backup and security game. Even if you fall for such traps, a good data security and backup provider can always help in mitigating the damage and totally alleviating the possibility of similar traps in future. Kloud 7 is a leading data backup and security provider in the states and all our customers are leading corporate entities who value their information and take best measures to protect them. A few other techniques you can use to stay away from being a phishing victim is by inducing the following practices in your daily routine:

  • Do not give out information about your organization or personal information, including its networks or structures, unless you are convinced of the individual’s power to have such data.
  • Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Be wary of unsolicited visits, phone calls or emails from persons demanding about staffs or other internal data. If an unknown individual asserts himself to be from an authentic organization, try to verify his/her identity directly with the said company.
  • Always pay attention to the URL of a website. Mischievous websites may look indistinguishable to a genuine website, but the URL may use a deviation in spelling or an unlike domain (e.g., .com vs. .net or .co).
  • Make full use of any anti-phishing features offered by your email client and web browser.
  • Get managed services from reputed service providers like Kloud 7 to install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
  • Avoid sending out personal and sensitive information over the Internet before checking the website’s security.

To get a free managed services and data back and security audit and free quote, contact Kloud 7 today at info@kloud7.com.

 

36811_01_one_third_of_phishing_attacks_aimed_at_financial_institutions_full

No Comments Yet.

Leave a reply

Sign in
classic
Forgot password?
×
Sign up

(*) Required fields

I agree with OptimaSales Terms & Privacy Policy

×