Last week I went through one awesome article on inventor of Electronic Mail System. Email has turned out to be a necessity in our life and it is very essential part of a corporate world. We daily receive a bunch of emails, but some of them can redirect users to unsolicited sites pages, where they are being asked to bestow login details, credit card numbers, debit card numbers, or any confidential information. Such emails are phishing emails, and their intention is, to get user’s sensitive details. The culprits behind such phishing campaign may swipe financial details.
Phishing is a growing concern now days and it can be done through fake phone calls, emails, open WI-Fi, clone phishing, and so on. We neglect essential safety precautions, while responding to an unknown email. Emails entice users to take prompt action that contain bad grammar, different hyper-linked URL, lottery or contest emails; are some of modern examples of a phishing email.
In this article, we will reveal about different techniques to find out a phishing email.
Improper Grammar and Spelling:
It is quite practical to check emails for proper formatting like grammar and spelling mistakes. For example, many fake emails use to write a salutation as “Dear Custmer” instead of “Dear Customer“. Users can easily gauge such silly mistakes, which can redirect them to fake webpage pretending to be a legitimate webpage. Companies always check their email for proper formatting and grammar and spelling mistakes, before sending discount or special offer emails to the customers.
Hyperlinked URL:
In a phishing mail, it may happen that when a user floats mouse over the link, it shows a different URL from the actual or legitimate URL. To check further, users can float the mouse over the address field in an email to match the domain name and the organization name. It is sensible to avoid such emails that carry different URLs and seem not legitimate. To verify such URLs, users should visit an authorized website of the company directly by typing URL into Address bar.
Immediate Action Required:
Many times phishing emails try to make users fret by tempting an email that requires urgent action from users. For example, “Account closure”, “Fraud activity going on your social media account”, or “Last day discount offer”, is some examples of phishing emails. Users always fall victim to such fake emails, and surrender their login credentials to attacker’s hand. Attackers could take advantage of human psychology and frighten users about potential loss or damage; as a result, users innocently click on phishing emails. To overcome from this anxiety, users should log in directly to the company website to reassure that everything is safe and secure.
Personal information:
Many users get emails asking for personal information in the name of organizations, banks, institutions, job providers, etc. If a user has contacted such authorities in the past it means they already have user details. Hence, such emails asking for user’s personal details might be phishing or fake emails. In this case, users should directly contact the bank or organization about the fake emails. Authorities always try to make their system strengthen. Users should report to the authority, by reporting such issue will help other users and customers from future scams.
Lottery Scam:
You have won a lottery or prizes! Every single user receives such notification in the email now days. However, it is a traditional trick of phishing, but until date, it has made many users victims of a phishing fraud. Such emails offer millions of dollars that even a user never imagined in a dream. It is obvious that if a user has never bought a lottery or taken part in any kind of lottery or contest, he or she will not be able to get a huge amount or prizes. These emails always target greedy people who always look for easy money.
Attached Files:
Many phishing emails come with a malicious attachment. If users click on them, it can infect a user’s PC system. Currently, an Ebola virus is spreading havoc among the world. In this perspective, Symantec observed a phishing campaign that lures email readers to download presentation designed for an Ebola Virus. Once users click on the attached zip file, the Trojan malware starts its activity in the background without the user’s awareness and captures the sensitive information from PC.
Donate Your Money:
Natural calamity, disaster or any international issues always remain ripe fruits for attackers. During such calamity, attackers send fake emails asking for donation to victims and play with the innocent people. If a user hands over his or her credit or debit card detail, attackers can steal money and make users victim. Users should get the complete information on about such social movement before giving any donation.
Tips to Protect You:
Recently, PayPal has started an online quiz on its website named “Can You Spot Phishing?” Here, users have to give answers to each question. After selecting a choice of answer, a participant will get the correct answer. Users can get enhanced knowledge about phishing by participating in this quiz. Some useful tips to protect from phishing fraud are as below.
Email Setting:
Allow emails only from senders whom you know very well. Users can set alert for junk, spam, or unknown emails in their email platform. In Gmail, even users can mark an email as “report a spam”, it will be counted as a spam mail and will be redirected to junk folder or spam folder next time. It will prevent users from accidentally responding to a phishing email. However, email providers have taken fake emails seriously and adopted technology that automatically filters unknown senders or phishing emails. Even users can manually make changes in an email account. It is sensible to erase all junk mail on time.
Antivirus Software:
Many antivirus products offer phishing protection with additional security add-on to the browser. This add-on protects websites and stop attackers from stealing security credentials. Even the antivirus software alerts users, when they land on an unsecured website. When users surf any malicious website they may encounter with malicious download; however, security software can observe and stop the malware running on system.
Upgrade the Browser:
Leading web browsers like: Mozilla, Internet Explorer, and Google Chrome periodically releases security patches, and version updates to protect users against potential vulnerabilities; including phishing attack. It is recommended for users to update their browsers for better protection. It takes a few minutes to update the browser, and a user will get protection with the most updated security.
Report about Phishing:
Whenever users encounter any phishing email, they should report to that particular authority. Users can also report about a phishing email to Google or Microsoft. On Google phishing reporting page, just fill details in the form and submit it. Such initiative helps authorities to make their security stronger and reveal about novel phishing techniques.
Conclusion:
Phishing is a general technique, but can cause huge damage to users and organizations. In modern times, attackers also send phishing emails to organizations to get the sensitive data of an organization. From the security prospective Extended Validation SSL can be a ideal security that helps business owners to protect their clients from Phishers. However, if we follow proper security precautions, then it is quite possible to mitigate such fake emails.
