How do I stay safe from phishing attacks?

What is Phishing?
Phishing is the method by which sensitive information such as usernames, passwords, and credit card details is acquired for malicious reasons. Cyber criminals camouflage themselves as a trustworthy entity and use electronic communication, such as phishing email messages and websites, to steal information. They use social engineering to convince you to install malicious software or hand over your personal information under false pretenses.
Types of Phishing Attacks
· Deceptive Phishing - The most common broadcast method today is a deceptive email message. Messages about the need to verify account information, system failure requiring users to re-enter their information, fictitious account charges, undesirable account changes, new free services requiring quick action, and many other scams are broadcast to a wide group of recipients with the hope that the unwary will respond by clicking a link to or signing onto a bogus site where their confidential information can be collected.
· Malware-Based Phishing - It refers to scams that involve running malicious software on users' PCs. Malware can be introduced as an email attachment, as a downloadable file from a web site, or by exploiting known security vulnerabilities.
· Keyloggers and Screenloggers - They are varieties of malware that track keyboard input and send relevant information to the hacker via the Internet.
· Session Hijacking - It’s an attack where users' activities are monitored until they sign in to a target account or transaction and establish their bona fide credentials. At that point the malicious software takes over and can undertake unauthorized actions, such as transferring funds, without the user's knowledge.
· Web Trojans - They pop up invisibly when users are attempting to log in. They collect the user's credentials locally and transmit them to the phisher.
· System Reconfiguration - Attacks modify settings on a user's PC for malicious purposes.
· Data Theft – Thieves profit from selling confidential communications, design documents, legal opinions, employee-related records, etc., to competitors or those who want to cause economic damage.
· DNS-Based Phishing ("Pharming") – It is the term given to hosts file modification or Domain Name System (DNS)-based phishing. Hackers tamper with a company's hosts files or domain name system so that requests for URLs or name service return a bogus address and subsequent communications are directed to a fake site.
· Content-Injection Phishing – It describes the situation where hackers replace part of the content of a legitimate site with false content designed to mislead or misdirect the user into giving up their confidential information to the hacker.
· Man-in-the-Middle Phishing – In these attacks hackers position themselves between the user and the legitimate website or system. They record the information being entered but continue to pass it on so that users' transactions are not affected.
· Search Engine Phishing – It occurs when phishers create websites with attractive offers and have them indexed legitimately with search engines. Users find the sites in the normal course of searching for products or services and are fooled into giving up their information.
How to Deal with Phishing Scams
· Delete email and text messages that ask you to confirm or provide personal information. Legitimate companies don't ask for this information via email or text.
· The messages may appear to be from organizations you do business with, and they might threaten to close your account or take other action if you don’t respond. Don’t reply, and don’t click on links or call phone numbers provided in the message. These messages direct you to spoof sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.
· Use trusted security software and set it to update automatically.
· Don't email personal or financial information. Email is not a secure method of transmitting personal information.
· Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
· Be cautious about opening attachments and downloading files from emails. These files may contain viruses or other malware that can weaken your computer's security.
· Report Phishing Emails.
HAVE A NICE STAY HERE.
Hope it will help--!!
-Tajwar khan
