Like many other cyber-attacks, Phishing is also a form of fraud that is done through email messages, websites or a phone call with a purpose of stealing money. Phishing is basically a homophone of fishing, which means using a trap to catch fish. Phishing is also a most common type of social engineering attack used today. Here an attacker may send an Email to the target, claiming it is coming from a trusted source, known contact or an organisation. This email typically directs the user to visit to a website where they are asked to update personal information, such as passwords, account numbers, credit card details and more. Once they provide the details, it will automatically captures it and later they misuse the same. Sometimes the email sent to the target may contain attachment or links, which will install malicious malware on the user’s PC.
Today one of top causes for data breaches is Phishing. People today are aware of these types of attacks and are taking legitimate actions for the same. This in turn, is making the attacker more cautious while using these attacks and they are using more sophisticated approach for the fraud, making is tough for the average person to identify the theft.
Researchers said tax season is the most popular season when phishing occurs. Because this is the time when most users are accustomed to entering their personal information like social security number, credit card details, and bank account information’s on websites. Which can then be used by the hacker to steal your tax refund.
According to the Anti-Phishing Working Group (APGW), recent annual Global Phishing Survey, in 2014 there were 123,972 unique phishing attacks worldwide. Companies are under constant attack, receiving 1,000 or more phishing attempts per month.
Everyday countless phishing messages, phone calls and Emails are sent to the victims all over the world. Out of which some of them are easily traceable and others are really difficult to identify. Unfortunately there is no software or technique that can tell a difference between the both. However, there are ways that these attacks can be avoided, if the victim will look carefully for some symptoms.
• Check the Email carefully: A phishing Email may duplicate the image of the real company and make it appear as if it is coming from a legitimate company leading you to a website that is designed to capture your personal details. Do not open spam mails. Do not open mail coming from unrecognised sender.
• Do not entertain email that will ask you to enter personal information. Do not respond with any personal information to these Emails.
• Beware of the phone phishing. You might get a call asking your account details for refund of money. The call may look genuine but the area code is been modified using VOIP Technology. Never give away your personal details over the phone call.
• If an email will direct you to a website, always check the website for its legitimacy. A secure website will always starts with “https”.
• Always make it a habit to check your bank statement regularly to make sure no fraudulent transaction has happened.
• Always keep the antivirus and firewall software updated on your system. Firewall will not allow any malware enter the system without your consent and antivirus will scan every file that coming to your system.
• Phishing does not attack in any particular language. In general, they’re poorly written or translated, so this may be another indicator that something is wrong.
• If you feel there is any suspicious activity do not entertain that, better to confirm with the bank or the source it is coming from before performing the function.
• Never Email your personal information to anyone, even to your close recipient. You never know when someone can get hold of your information and misuse the same.
• Try to keep different passwords for different accounts and keep changing the password which will prevent you from these attacks.
• Do not click on bank websites through any link. Use your system browser to go to a bank website.
These are just some of the examples to avoid being effected from any fraud that can happen to you. In the end only one thing that can help you from being trapped in this attack is the common sense and being a little more careful about your actions. Phishing is a growing crime and everyone must be aware of it. Although laws enforcement, government agencies and private sectors are working together to combat phishing, one needs to be educated and cautious to prevent this type of attack.