Phishing is one of the most common scams used to steal personal information. However, you can avoid it if you know what to look for.
What Is Phishing?
Phishing is the practice of faking an identity to pose as someone or something you readily trust, and then duping you into giving up sensitive information such as passwords and usernames. The goal is to steal money from you. Just imagine: the average loss after a phishing attack for a medium-size company is $1.6 million.
Common phishing scams that people face on a daily basis include bogus emails posing as trusted institutions such as major banks and the U.S. Internal Revenue Service. Higher-level scams are finely crafted and look very much like legitimate messages from sites you usually do business with. According to the Wombat Security State of the Phish report, 76% of businesses fell victim to phishing attacks in 2017.
Here are some of the most common types of phishing scams and how you can avoid them.
1. Your Account Will Be Or Has Been Suspended, Disabled Or Locked.
Phishing scams thrive on scare tactics. A warning that an account will be or has been suspended, disabled or locked pushes the user into acting quickly and sharing personal login credentials.
2. Fraudulent/ Irregular Activity Has Been Detected In Your Account, Or It Needs A Security Update.
Another commonly used tactic, closely related to #1, is a warning that fraudulent or irregular activity has been detected in your account, or that the account must undergo a security update that is mandatory for all account holders. Users mostly log in without double-checking in order to permit this “security” update.
3. You Have Received An Important Or Secure Message.
This phishing scam mostly impersonates financial institutions, but some messages also pose as popular e-commerce websites. Since financial institutions do not send customer details in emails, users tend to click on the given link or even open the attachment if the email presents itself as an important or secure message.
4. Tax Themed Phishing.
Every year, many tax-themed phishing scams appear right before tax time in most countries. Their lures include requests to update the information in a filing, claims that the user is eligible for a tax refund, and warnings that money is owed to the tax department. One thing to keep in mind is that the IRS still sticks to sending snail mail and does not resort to communicating through text message or email.
5. Phishing Based On Attachment With Varying Themes.
A trend spotted quite frequently in recent years is that scammers use varied themes as lures. Instead of offering a link to an external website, they attach an HTML page and ask users to open this “secure page”, which then requires the user to enter financial information and login credentials.
Ransomware encrypts data (making it inaccessible to users) and relies on the same fear tactics as phishing. The attackers want the victim to panic and give in to paying the ransom.
What To Avoid
Here are some tips on what not to do if you want to avoid phishing scams.
1. Do not open links in emails sent by unknown senders.
2. By all means, avoid downloading attachments if you were not expecting that email.
3. Stay away from shortened links such as Bitly URLs which come from unknown sources. Scammers often disguise their malicious URLs by offering a shortened form of the links you are familiar with. If you are not sure whether a link you received is authentic, hover your cursor over it. Very often, the full URL pops up.
4. Other important tips to keep in mind: keep security and software patches up to date at all times, use more complex passwords, use different passwords for different websites, and enable two-factor authentication when you can.
5. Most of all, DO NOT share your personal information through instant messages, text messages, social media platforms or emails.
6. You should also turn on the spam filtering feature in your email provider or install one yourself from a reliable service provider. It is important to give up the habit of mindlessly clicking on links that you do not know. As a matter of fact, you should not even click on links that you get from close friends or family if the email lacks any content or personal message.