{"id":76904,"date":"2018-06-26T16:21:01","date_gmt":"2018-06-26T10:51:01","guid":{"rendered":"https:\/\/blogs.quickheal.com\/?p=76904"},"modified":"2018-06-26T16:29:51","modified_gmt":"2018-06-26T10:59:51","slug":"what-is-phishing-and-how-to-avoid-it","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/what-is-phishing-and-how-to-avoid-it\/","title":{"rendered":"3 common types of phishing attacks and tips to avoid them"},"content":{"rendered":"

Phishing is one of the oldest tricks in the book of hackers. But as old as it might be, phishing still remains the most lucrative tool for cybercriminals; as they say, old is gold. This post tells you about the 3 common types of phishing attacks and tips to avoid them.<\/p>\n

What is Phishing?<\/strong><\/h3>\n

Phishing is a fraudulent activity to trick you into revealing your personal and confidential information. This information usually includes bank account details, net banking details, credit\/debit card numbers, login ID and passwords. There are different ways an attacker can launch a phishing attack. These are the 3 common types of phishing attacks<\/p>\n

#1. Phishing by EMAIL<\/span><\/strong><\/h3>\n

A phishing email is a fake email that looks likes crucial communication send by a bank or a popular website. This email carries a tone of urgency so that it tricks you into taking an action like clicking on a link or downloading an attachment.<\/p>\n

> Clicking on a link in a phishing email will take you to a fake website. This website might ask you to share confidential information or it might just drop a virus on your device.<\/p>\n

> Downloading an attachment will (in most cases) infect your computer with a virus.<\/p>\n

Here’s a sample of a phishing email. Notice that the email asks the user to click on a link (marked in red) otherwise their bank account will get suspended. This is a classic example of a phishing attack.<\/p>\n

\"phishing_email_from_bank\"<\/a><\/p>\n

[Source<\/em>: https:\/\/www.banksafeonline.org.uk]<\/p>\n

#2. Phishing by CALL<\/span><\/strong><\/h3>\n

In a phishing call scam, you will receive a phone call from a person posing as a bank manager<\/strong> (in most cases), an employee of a software firm, or any other known organization. The purpose of the caller is to trick you into sharing confidential information (debit card number, ATM PIN, expiry date, CVV and OTP).<\/p>\n

This is how a phishing call (that looks like it is from a bank employee) might go:<\/p>\n

Is this Mr. Brown? This is a call for you from (a popular) Bank. We have received reports of illegal withdrawals from your bank account. In order to contain the situation, and safeguard your account, we need to confirm your account number, expiration date, four digits at the back<\/i>\u2026\u201d and so on.<\/p>\n

#3. Phishing by SMS<\/span><\/strong><\/h3>\n

The third common type of phishing attack uses SMS and is called SMiShing<\/strong>.<\/p>\n

You will receive an SMS (WhatsApp message in most cases) informing you about an unbelievable offer (from an online store, about flight or movie tickets, etc.). This message will ask you to redeem the offer by clicking on a link.\u00a0 Again, this will take you to a fake website that might ask you to share confidential information or infect your device with a virus<\/p>\n

Example of a phishing SMS\/message<\/strong><\/p>\n

\"\"<\/p>\n

Read about this WhatsApp scam here.<\/a><\/p>\n

Easy tips to avoid phishing attacks<\/span><\/strong><\/h3>\n

\u2022 Never respond to unwanted, unexpected emails, calls or SMSs – especially those that ask for personal or confidential information.<\/p>\n

\u2022 Your bank will never ask you for confidential information via emails, calls or texts. If you do receive any such communication, do not respond; even better, report the incident to your bank.<\/p>\n

\u2022 Avoid accessing websites via links in email messages\/SMS; especially those asking for personal information.<\/p>\n

\u2022 Do not fill any kind of form that comes along with an email.<\/p>\n

\u2022 Ensure the website that you are sharing your personal\/financial information with is secure. A secure website\u2019s URL should always begin with \u201chttps<\/strong>\u201d instead of \u201chttp\u201d. Also important is the presence of a lock symbol on the website (see figure a). Clicking on the lock icon should display the digital certificate that verifies the authenticity of the website.<\/p>\n

\"secure-website-browser\"<\/a><\/p>\n

Fig a.<\/p>\n

\u2022 Look for spelling mistakes, grammatical errors or bad language in any email you receive; especially the ones you were not expecting. Emails from a genuine organization are proofread and edited before they are sent out to the customers.<\/p>\n

\u2022 If you receive an email containing link(s), do not click it. Hover your mouse over the link and take a look at the left hand corner of the browser. It will display a link. Check if this link matches the one in the email. If it doesn\u2019t, then suspect it as a phishing attack.<\/p>\n

\u2022 If you receive any email from your bank that conveys a sense of urgency or threat, then call up your bank and verify the situation.<\/p>\n

\u2022 Keep your system\u2019s operating system, software (Java, Adobe, etc.) and web browsers up-to-date.<\/p>\n

\u2022 Install an antivirus<\/a> that can block websites and emails designed for phishing attacks.<\/p>\n

\u2022 Check your bank statements regularly. If you see any unauthorized transactions, inform your bank immediately.<\/p>\n

 <\/p>\n

If you found this post helpful, share it with your friends on Facebook<\/a> or Twitter<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Phishing is one of the oldest tricks in the book of hackers. But as old as it might be, phishing still remains the most lucrative tool for cybercriminals; as they say, old is gold. This post tells you about the 3 common types of phishing attacks and tips to avoid them. What is Phishing? Phishing […]<\/p>\n","protected":false},"author":6,"featured_media":86437,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,303,304],"tags":[651,652,653,25,521,654,202,655],"class_list":["post-76904","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-email","category-phishing","category-social-engineering-2","tag-identiy-theft","tag-internet-fraud","tag-online-scan","tag-phishing","tag-phishing-email","tag-phishing-websites","tag-smishing","tag-vishing"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/76904"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=76904"}],"version-history":[{"count":9,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/76904\/revisions"}],"predecessor-version":[{"id":86443,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/76904\/revisions\/86443"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media\/86437"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=76904"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=76904"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=76904"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}