According to Wikipedia, Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
Something Phishy I Guess? Below I mentioned some common signs of phishing. Even though phishers are skilled in one way, they are unfortunately bad in several aspects like poor English Grammar! 😀
MUST READ : Beware Of Social Engineering Attacks
What are the Signs of Phishing?
To identify a phishing thing is quite tricky! Phishers are skilled and in the same way they too leave some clues for us. Here are some signs of phishing.
- Requests for personal information. If you get a request for personal information, then first call the company and make sure that request is legitimate or not.
- Sense of Urgency. Phishers mostly attempt to make people to respond without thinking. If a message conveys a sense of urgency like saying that this account will be closed in 2 days if you are not taking immediate action.
- Errors and Mistakes. This is the biggest clue for us indeed. Phishers often make mistakes in their mails, warnings and so on.
- Addressed like Customer. For example if your bank addresses you regularly by name in its correspondence and you get an e-mail addressed to Dear Customer, This may be a work of a phisher!
- Words like Verify your account. A legitimate Business or Organisation will never ask its customers to send passwords, Security numbers or any other personal details through e-mail. So always be suspicious of a mail that asks for personal information no matter how authentic or genuine it looks.
- With links to Access your account. Your mails have may have links to access your account to some websites, since many emails are HTML formatted. But these may be fake links, they can take you to a fake or phony website indeed.
- Use your instincts. If you think an Email is fake or it is a work of phishers, it probably is !
Technical Note : Phishers commonly use this technique. The Uniform Resource Locator (URL) will appear to be an authentic one from well-known company but will be slightly altered by intentionally adding, omitting, or transposing some letters.
Example : For www.godaddy.com
It will be like this,
How to Respond to Phishing?
If you receive an email which is believed to be phishing attempt, no matter why or what, don’t reply to it or click the links on it. Rather report this incident and visit the organisation’s website or use their contact number.
If you are victim of this attempt i.e., you have given your personal details or some worthy information to the phisher, you should report this incident immediately to :
- The company that was spoofed or involved.
- Any bank or institution for which you disclosed your personal details.
- At least for one of the major Credit Reporting Companies.
- Your local police Station and file a complaint.
- The Federal Bureau of Investigation (FBI) through the Internet Crime Complaint Center.