Phishing – What is it and why should you care?

Nov 9, 2015 | 360TS

Phishing

Phishing is a type of online scam that aims to solicit victims’ private information through emails or websites that appear to be trustworthy. Recipients are tricked into clicking on links or banners, which instead take them to fraudulent websites where they unknowingly submit their personal credentials.

Phishing has long been an Internet scam, and attackers continuously renew their methods to defraud people. Less tech-savvy users, especially retirees and seniors, are more likely to fall victim to phishing. According to a report from the Stanford Center on Longevity, senior citizens are 34% more likely to be swindled in an Internet financial scheme than people in middle age. Small businesses and entrepreneurs are also particularly vulnerable, because their security processes and protocols are poorly designed compared with those usually deployed by larger organizations.

Phishing attacks take various forms to deceive Internet users, ranging from promotional emails to advertising banners. Among all channels, email is still the most prevalent. While the contents may vary, the goal remains the same: get the recipient to click the trigger link. Phishing baits include threats to harm recipients if money is not paid, trending news and gossip stories that lure recipients to read more, and complaints filed by recipients that need to be confirmed.

Are there ways to tell legitimate emails from phishing attacks? Here is a set of tips for spotting suspicious messages; this knowledge may help prevent loss of money and personal information.

Phishing is usually characterized by one of the following:
1. Generic Greeting: Instead of a customised subject with the recipient’s real name, phishing emails tend to use canned greetings such as ‘Dear Bank Customer’ or ‘Hello Facebook User’.

2. Urgent Response: Phishing attackers present a situation as serious to push recipients into responding without thinking it over. For example, recipients may be notified that their bank account is frozen and are therefore prompted to provide bank info to unfreeze it.

3. Counterfeit Link: Do not rush to click on a link without checking its authenticity, for it may not really take you to its apparent destination. Spotting the domain name first also helps to confirm its authenticity. For instance, color-themed names such as .pink or .red are related to dating sites.
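
The three indicators above can be checked mechanically on an HTML message body. The following is an added example, not part of the original article; the phrase lists, the names `LinkCollector`, `host` and `phishing_indicators`, and the sample message are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Phrase lists are illustrative assumptions, not a vetted ruleset.
GENERIC_GREETING = re.compile(r"\b(dear|hello)\s+[\w ]{0,30}?(customer|user|member|client)\b", re.I)
URGENCY = re.compile(r"\b(frozen|suspended|immediately|within 24 hours|urgent)\b", re.I)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs and the plain text of an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._buf = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._buf = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._buf).strip()))
            self._href = None

def host(value):
    """Hostname of a URL or bare domain, lowercased, without a leading 'www.'."""
    parsed = urlparse(value if "://" in value else "//" + value)
    return re.sub(r"^www\.", "", (parsed.hostname or "").lower())

def phishing_indicators(html_body):
    parser = LinkCollector()
    parser.feed(html_body)
    text = " ".join(parser.text)
    found = []
    if GENERIC_GREETING.search(text):
        found.append("generic_greeting")
    if URGENCY.search(text):
        found.append("urgent_response")
    for href, shown in parser.links:
        # Only compare when the visible text itself looks like a URL or domain.
        if re.fullmatch(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", shown, re.I) and host(shown) != host(href):
            found.append(f"counterfeit_link:{host(shown)}->{host(href)}")
    return found

# Constructed sample message; both domains are reserved example names.
SAMPLE = """<p>Dear Bank Customer,</p>
<p>Your account is frozen. Confirm your details immediately at
<a href="http://login.example.net/unfreeze">www.bank.example.com</a>.</p>"""
```

Calling `phishing_indicators(SAMPLE)` reports all three indicators, including the mismatch between the domain shown in the link text and the domain the link actually points to.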

Despite the number of phishing tricks in the wild, one can still find ways to prevent them. It is important to be especially careful when entering sensitive information such as private credentials and bank info. Combining these precautions with a security solution would reduce the risk of falling victim to this kind of attack.