Phishing is a form of social engineering attack that is frequently used to steal consumer data, such as login credentials and credit card numbers. It occurs when an attacker, disguised as a reliable entity, tricks a victim into opening an email, an instant message or a text message. The receiver is then tricked into clicking on a malicious link, which can lead to malware installation, freezing of this machine as part of a ransomware attack or even the disclosure of information. This article will talk about the types of methods and avoidance.

Phishing techniques

Below is a brief look at five antivirus threats that frequently arise in business environments. Each example presents "Bob", a mid-level worker in the finance department who hopes to overcome his hectic day and react to countless emails.

1. Breach of trust: Bob receives an email of what he thinks his bank is asking him to confirm a wire transfer. The email takes you to a connection that resembles your bank's site, but in reality it is a "fake" copy but identical to your bank's website. When he reached the page, he entered his credential but nothing happened. Too late, Bob gave his bank password to a cybercriminal.

2. Fake lottery: Bob receives an email saying he won a trophy for a draw. Normally, Bob is too smart to fall for this suggestion. This email leaves your supervisor, Joe, and refers to a charity they support. Click and end on a fake page that loads malware.

3. Data update: Bob receives an email from Joe telling him to take a look at an attached document. The registry contains malware. Bob may not even realize what has happened. He looks at the record, which seems normal. The malware can record that its keystrokes weaken the network and cause massive security breaches throughout the organization.

4. Sentimental abuse: Bob receives an email from someone who claims to be Joe's brother-in-law. He suffers from cancer and has canceled his insurance. He asks Bob to donate to help him recover from his illness. Bob clicks on the link and can be taken to a fake charity website. The website could host malware or simply steal Bob's credit card information through a fake "online donation."

5. Impersonation: Bob receives an email from his manager Joe, who tells him that he needs money transferred to a vendor known as prepaid for an emergency occupation. Can Bob send them the money immediately? It seems quite regular. Bob sends the money to the requested account. Money cannot be traced and never found again.

Avoid phishing attacks

1. Stay informed about phishing techniques: new phishing scams are being developed all the time. Without staying together with these phishing methods, you can fall prey to one of them without realizing it. Watch for information about new phishing scams. Upon hearing this as soon as possible, you will have less chance of being caught by one. For IT administrators, continuous security awareness training and simulated phishing are recommended for all users to keep security in mind during the organization.

2. Think before clicking! - It's okay to click on the links when you're on reputable websites. However, clicking on hyperlinks that appear in random emails and instant messages is a smart move. Scroll over the links you are not sure about clicking on them. Can you lead in what you are supposed to lead? A phishing email can claim that it is from a legitimate company and if you click on the URL it may look exactly like the real site. The email may ask you to complete the information, however, it may also not contain your name. Most phishing emails will begin with "Dear Customer," so be alert once you receive them. When in doubt, go instead of clicking on a potentially dangerous connection.

3. Install an antiphishing toolbar: many popular web browsers can be customized using antiphishing toolbars. These toolbars perform checks you are viewing and compare them. If you run into a malicious website, the toolbar will alert you about it. This is simply one more layer of security against phishing scams, and it's free.

4. Confirm the security of a website: it is natural to be a bit cautious about providing confidential financial information on the web. While you are in a safe place, you should not encounter any problems. Before sending any information, make sure that the website URL begins with "https" and that there is a closed lock icon near the address bar. Also evaluate the security certificate of the website. If you receive a message that indicates that a certain site may contain malicious documents, do not open the site. Never download files from emails or suspicious sites. Even search engines can reveal certain links that can take visitors to a phishing website that offers low-cost products. In the event that the consumer makes purchases on this site, cybercriminals will access the credit card data.

5. Evaluate your online accounts regularly: if you do not visit an Internet account for a while, it is possible that someone has a picnic with her. In the event that you technically do not have to do so, check regularly with each of your online accounts. Get used to changing your passwords regularly too. To stop the phishing scams of bank cards and credit cards, you must personally verify your account statements regularly. Obtain account statements in your financial accounts and check each entry carefully to ensure that no fraudulent transactions have been made without your knowledge.

6. Keep your browser updated: security patches for popular browsers are released all the time. They are launched in response to phishers and other hackers inevitably detect and exploit. If you normally discard messages about updating your browsers, stop. When an update is available, download and install it.

7. Use firewalls: high-quality firewalls act as buffers between you, your personal computer and external intruders. You must use two types: a desktop firewall and a network firewall. The first solution is a kind of software, and the second alternative is a form of hardware. When used together, they dramatically reduce the likelihood that hackers and phishers infiltrate your computer or your system.

8. Be careful with pop-ups: pop-ups are often masked as legitimate components of a website. Too often they are phishing attempts. Many popular browsers allow you to block pop-ups; You can allow them on a case by case basis. If one manages to slip through the cracks, do not click on the "cancel" buttons, as these buttons usually lead to phishing websites. Instead, click on the small "x" in the upper corner of this window.

9. Never provide personal information: as a general rule, you should not share personal or financial information from the network. This principle dates back to the days of America Online, when users had to be constantly warned due to the achievement of the first phishing scams. If in doubt, visit the main site of the company in question, receive their number and call them. Most emails will guide you to the pages where admissions are needed for financial or personal information. An online user should never make confidential entries through the links in emails. Never send an email with information to anyone. Get used to looking at the site address. A secure site always starts with "https".

10. Use antivirus software: there are many reasons to use antivirus software. The special signatures included with the antivirus software protect against technological solutions and gaps. Be sure to keep your software updated. New definitions are added all the time because new scams are being invented all the time. Anti-spyware and firewall settings should be used to reduce phishing attacks and consumers should update programs regularly. Firewall protection prevents access to malicious documents by obstructing attacks. The Norton antivirus software with Norton Product Key scans every document that arrives through the web. It is useful to stop damage to a system.