Cyber security remains a major challenge for any individual and even for the government where awareness is limited with respect to various cyber threats which evolve accordingly with the advancement of technology. Cyber attacks, hacks and security breaches on the Internet are no longer an exception. Phishing is a common type of cyber attack that everyone should learn about in order to protect themselves.
What is phishing?
Phishing is the practice of sending fraudulent communications that appear to come from a reputable source. It is technique used by cyber criminals to trick the email recipient to believe that the message is a way to acquire information such as usernames, passwords, PIN, bank account and credit card details by masquerading as a trustworthy entity through e-mail. Phishing is typically carried out by e-mail or instant message spoofing and it often directs users to enter details at a fake website which look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to mislead users.
How does a phishing email message look like?
Different ways cyber criminals try to target women?
Women becoming victims through Phishing attacks is on high and it poses major threat to security of a person as a whole. Here we present a few ways in which it can happen. Phishers often use various methods to target women. They may try to persuade through their email with subject line that can attract the target. Common phishing techniques include offers or prizes won in fake competitions such as lotteries or contests by retailers offering a winning voucher etc. Let us check a few ways that they may target women through Phishing emails.
Exciting offers through email
Cyber criminals check in general for the shopping trends in Online shopping portals. With that information they send phishing emails which catch targets attention. They give offers on specific products which are of interests for women in a believable way by use of graphics in email that look identical to legitimate websites but actually it takes you to phony scam sites or legitimate-looking pop-up windows. So women are often attracted by lower priced offers and fall into the trick played by phishers. They click on the link to avail the offer and purchase the product. They end up sharing their sensitive personal information which can lead to further problems. Let see a recent example of fake chain emails on Netflix as shown in the image. Once you click the red button "Check if you’ve won", you will be offering scammers all your personal information, which they can use for identity theft.
- Check on the authorized website before clicking on the link to ensure that such offers are available.
- Too good to be true offers may often be a scam.\
Spoofed emails
Email spoofing is one of the primary methods by which phishers acquire sensitive information from unsuspecting Internet users. They send mails on behalf of banks asking for some vital information, asking the target to click on a link which redirects to a banking website. These banking websites ask target to provide sensitive data such as username, password or credit card details etc. Phishers spoof these email and websites of banks with similar looking logos. They use the web addresses that resemble the names of banks but are slightly altered. This is why you should never click on a link in an email from bank or your credit card company. Unfortunately, many people fall victim to bank phishing scams and inadvertently give out sensitive information cyber criminals.
- Check the source of information as banks never ask for username and passwords though mail or by call.
- When you are in doubt, try to contact the toll free number or any other contact provided by the bank.
- Never click on links received through emails to visit your banking website.
Threatening mails
Sometimes you may receive a threat mail saying that your webmail account would be closed if you do not respond to an e-mail message. The e-mail message shown above is an example of the same trick. Cybercriminals often use techniques to make one believe that security has been compromised. They may try to create a situation of urgency to make you reveal your sensitive information. Cybercriminals might call you on the phone and offer to help solve your computer problems or sell you a software license.
- Do not respond to the message, or get someone to speak to them on your behalf, it may only encourage the sender or make the situation worse.
- Take a screen shot of and retain any letter or message, if it is later deleted then you will still have a record of what was said.
How it can happen?
Step 1: Cross check the URL in the browser
Don’t enter your information in the websites that start with numbers
Step 2: Always check for the misspelled URL
So Always key in the URL in the address bar yourself don’t copy and paste
Step 3: Online banking should always be in "private browsing" mode, and the browser should be closed before AND after using a banking site.
Always check for the trusted website which has https and padlock
Step 4: Always view any email request for financial or other personal information with suspicion, particularly any “urgent” requests. When in doubt, do not respond to questionable email or enter information on questionable websites. You may also contact the alleged sender to confirm the legitimacy of communications you’ve received.
An Example of Phishing site, the look and feel of the Punjab national bank is same.
Step 5: Never respond to the emails that ask for your personal information like credit