Phishing Scams: 8 Helpful Tips to Keep You Safe
Download as PPTX, PDF2 likes1,038 views
The document discusses the prevalence of phishing scams, explaining how they exploit users through deceptive emails and fake offers, with around 85% of organizations experiencing such attacks. It highlights common indicators of phishing emails, such as fake email addresses, grammatical errors, and unrealistic offers, and provides tips for safeguarding against these scams. Users are encouraged to enhance their computer security, regularly update systems, and report phishing attempts promptly to mitigate risks.
Phishing Scams: 8 Helpful Tips to Keep You Safe
- 2. Identifyand Preventthe RisingForceof PhishingAttacks When we think of hackers and cyber criminals, we tend to think of them as masterminds wearing hoodies, shutting down websites with their out-of-this-world coding skills (and godly swagger of course!). Well, that’s not always the case. Using a simple yet highly impactful technique like Email Phishing, any Tom, Dick, or Harry can fool users to commit online fraud. You don’t need to learn a dozen coding languages to employ phishing scams and take control of systems. A huge part of the reason that phishing is so popular is its lack of sophistication.
- 3. WhatisPhishing? • You may not understand the term ‘Phishing’, but chances are, you would at least have heard of it. • The thing about Phishing is that you may have fallen its victim without even realizing it. • Basically, it is a con trick. • In the email phishing method, the perpetrators send malicious links, viruses, malware, and detrimental files via fake messages, popups etc.
- 4. Phishing These emails often show lucrative offers, lotteries, discounts or they may act like an urgent action needs to be taken in the form of a password change or an email confirmation. On clicking the mischievous link, the user is redirected to a malicious website which can ultimately lead to disasters. An example of such email phishing has been demonstrated in the image below. Here, it looks as if the email has been sent by Amazon, but it hasn’t been. If a user misses the tiny details pointed out and clicks it, they are now at the mercy of their attackers.
- 6. PhishingStatistics From a cyber criminal’s point of view, phishing works like a charm. As a result, they have started widening their phishing net as much as possible. There has been a rampant rise in the number of phishing scams worldwide. Let’s have a look at the numbers involved.
- 7. Phishing Statistics Around 85% of Organizations fall prey to Phishing attacks. Almost 30% of phishing emails are opened by the users. Email attachments are the number one medium to deliver malware. The average cost of a spear-phishing attack is $1.6 million. One in every three companies has reported being the victim of CEO fraud emails (also known as whaling). 2016 saw a record number of phishing attacks. A report conducted by IBM reported a 6000% rise in Ransomware- infected files.
- 8. How to spot a Phishing email? If identifying phishing emails was an easy task, there wouldn’t be so many victims. Unfortunately, it isn’t. However, that doesn’t mean that you need Sherlock Holmes’s deduction skills to figure it out. Granted, these tricksters are pretty good at the art of conning. Nonetheless, if you pay a little attention, you can avoid being the next victim.
- 9. Identifying a Phishing Attack Fake Email ID 1 Grammatical Errors 2 No HTTPS 3 No images or logos 4 Unrealistic offers/discounts 5
- 10. 1. Fake Email ID Cyber criminals send emails that attempt to make you believe that they are from a legitimate, trusted organization. These messages may even include an original logo along with accurate headers and footers. However, it comes with a catch. The fraudsters may use the original logo, proper images, and thousand other things, but they cannot use the official email address of the company. That would be extremely difficult to accomplish. This is where you can identify the threat and slam the door in these imposters’ faces. Next time you receive an email, make sure you check the email ID of the sender.
- 11. 2. Grammatical Errors • We know that you are probably not a stickler for grammar, well, neither are the perpetrators behind fraud emails. • More often than not, these emails are comprised of some really silly grammatical mistakes. • Spotting these mistakes is not rocket science by any means. • Spot them, dodge them!
- 12. 3. No HTTPS • Reputed organizations such as PayPal must employ a secure connection between the client and the server to carry out transactions (in PayPal’s case it’s actually a matter of PCI compliance). • An SSL certificate must be installed on its website. • If a fraud email has been sent to you, most of the time the redirected website won’t have HTTPS as the prefix in the URL. • That’s a dead giveaway.
- 13. 4. No images or logos • Most of the times, phishing emails are written in HTML. • As a result, these emails are found in text format only. • They don’t have any logos or images whatsoever.
- 14. 5. Unrealistic offers/discounts • The word phishing has its roots in the word fishing. • How do you catch a fish? • You give it a bait, right? • Well, this is exactly what cyber criminals do. • If you see an offer or a scheme that is too good to be true, it probably is. • Don’t fall for it. IT’S A TRAP!
- 15. Tipstoprotect againstphishing scams • No matter how much attention we pay, sometimes we might miss a tiny detail. This can be enough to shut down your entire organization’s systems (no pressure, right?). Therefore, it is always recommended to have a fool-proof plan in place. Here are our tips to steer clear of phishing scams.
- 16. Protectyourselfagainstphishingscams 1 Improve your computer security 2 Keep your system up-to- date 3 Stay away from Popups 4 Keep checking your bank account statement 5 Enter your personal information in HTTPS-enabled website only 6 Avoid clicking on links from emails 7 Avoid entering personal information via public networks 8 Report a phishing scam ASAP
- 17. 1.Improveyour computersecurity • Whether you want to guard against phishing attacks or ransomware attacks or any other attack for that matter, improving your computer security should be on top of the list. This can be executed by deploying a firewall, anti-virus, spam filters, anti- spyware etc.
- 18. 2.Keepyoursystemup- to-date The updates exist for a reason—improvement. The developers keep rolling out updates every other day to remove the bugs and vulnerabilities present in past versions. So, keep updating all software including your operating system (OS).
- 19. 3.Stayawayfrom Popups • DO NOT click on the links given in a popup. • DO NOT share any of your personal information in a popup. • In short, don’t do anything on the popup. Stay Away!!
- 20. 4.KeepcheckingyourBank AccountStatement In order to prevent any thefts, keep checking your bank account on a regular basis to ensure that there aren’t any unauthorized, illegitimate transactions.
- 21. 5.EnteryourpersonalinformationinHTTPS-enabled websiteonly You may be aware of the fact that there are two communication protocols —HTTP and HTTPS. The ‘S’ in HTTPS stands for Security. Therefore, any data you enter, any transaction you make is safeguarded by means of an SSL certificate.
- 22. 6.Avoidclickingonlinksfromemails This is one of the most widely used technique to fool the users and making them fall into the trap. Even if you receive a mail saying that a person wants to be friends with you on a social media platform, don’t click on the link. Instead, go to the social media site manually.
- 23. 7.Avoidenteringpersonal informationviapublicnetworks • When you are connected to a public network, you are at the highest point of vulnerability. Even 12-year old Billy could creep into your device after watching a couple videos on YouTube and downloading an app. You certainly don’t want that, do you?
- 24. 8.Reportaphishing scamASAP If you are able to figure out a phishing scam, report it straight away. Ignorance is certainly not an option here. Where do you report it? First of all, report it to your email service provider. The service provider will stop the phishing emails from circulating. You should also report to the organization being targeted. For example, if you receive a spoof email from Amazon, then you should report it to Amazon.
- 25. Final Words What do you do when you are in front of a con artist? You pay attention. All they want is to sidetrack us and gain the advantage of that single moment of distraction. Don’t worry. Be aware, take the preventive measures and you should be fine.
- 26. Related Resources • Phishing by the Numbers: Must-Know Phishing Statistics • Why US Senate adopts HTTPS encryption? • Tools for Business in the Battle against Cyberattacks