There’s a threat online that’s become all too familiar to internet security professionals. These phishing attacks, as they’re called, typically come in the form of an email that looks totally normal and genuine, with the aim of convincing the email recipient to provide personal information like passwords, credit card details and banking information. Hackers may also target organizations and private agency employees to steal sensitive data. Even organizations with the high standard of security have fallen victim to these attacks.
Internet marketing companies use a whole lot of online accounts that deal with company and client information. Here at TechWyse, we use a plethora of tools and software for secure and efficient client and resource management. The great peril here is that the login details are shared among a number of employees. This warrants the utmost attention to information security in our company.
Some phishing emails come with malicious programs such as keyloggers. It is very hard to guess the legitimacy of an email by looking through the content. However, here at TechWyse we’ve developed an intricate process for protecting ourselves and our clients from phishing threats. In this article, we share the top 10 tricks we use to spot fraudulent phishing emails.
1. Double check the origin of an email before responding to it. Never share anything with an unfamiliar email address. Attackers can easily create a seemingly-normal email address to gain the trust of their victims.
2. Double check the URLs before filling in login forms. This is very important because hackers can create fake URLs and login pages. Sometimes they mask fake URLs with URL shortening services. Here is a simple example of how people give out their Facebook login details.
3. Never share bank related information via email. Legitimate emails will never ask you to share sensitive information. Most phishing emails are sent out for this purpose.
4. Never use login forms embedded in emails. Instead, access the webpage directly from your browser.
5. Don’t forget to check for security certificates or valid SSL authentication before submitting login forms.
6. Check and ensure the legitimacy of emails by searching for their domain on Google. For example, legitimate companies will never use public email providers like Yahoo, Gmail, Outlook etc.
7. Check the webpage layout, URLs and components on their website when submitting logins or transaction forms. However, hackers are able to create fake login forms that look genuine. It’s important that you’re aware of this and look for signs.
8. Emails narrating a tragic story of a princess from a faraway country who will transfer her multi-million dollar inheritance if you can send a short term loan. I’ve received a ton of these. If you respond, they will ask you to share personal information.
Here’s an example:
9. Some hackers ask you to share your biographical information or resumes. Always ensure the legitimacy of the request by searching about the job offer or company mentioned in the email.
10. Emails saying you’ve won an expensive prize that you can only claim once you’ve provided personal details. If it seems too good to be true, it probably is!
It’s important that you’re aware of all the mishaps that can occur online. Phishing is the most common type of malicious attack, but there are other ways for fraudsters to get a hold of your information. Keep your guard up and stay on the lookout for all kinds of attempts to steal information.