Watch out! Phishing Attacks Break Your Pockets, Here's How To Prevent It

 


Careful! Phishing attacks continue to lurk on the internet. Countless people have become victims, the losses incurred reached billions of dollar.

You don't want to be the next victim. For that, follow these tips to prevent phishing attacks from Kaspersky, Sunday (11/14/2021):


1. Check and examine email carefully

When you receive an email, especially one containing a sweepstakes win announcement, do not rush to reply or follow the instructions. The first thing

all you have to do is look for signs of phishing.



Here are some signs that a message contains a phishing attempt:


The subject of a dramatic message. Common themes usually include transferring large sums of money, financial compensation, notifications of hacked accounts, and other fraudulent transactions. It also emphasizes the seriousness of the situation. Phrases like 'Last notice!' or 'Only 3 hours left' as well as the excessive use of exclamation points meant to rush the victim, panic, and put down

vigilance.

Various typos and spelling errors, to strange characters in the text. Some cybercriminals really struggle with English, though attackers sometimes intentionally make mistakes like 'millions' or use letters from the alphabet.

different in an attempt to bypass spam filters.

Inconsistent return address. An email address with lots of random letters and numbers or the wrong domain name are sure signs of a fake email when the sender claims to be from a large organization.

Links in emails if any - or the website they go to. Check each link carefully, you can check the link by hovering over it and reading the address carefully. Cybercriminals usually assume that victims don't pay close attention to detecting oddities in well-known company or brand names - for example, sumsung.com or qoogle.com.

The above checks should be enough to keep users away from phishing attempts from emails. However, sender names and addresses can be spoofed, links can be shortened to make them unreadable, and automatic redirect chains can be set up to redirect from web addresses that are not

too suspicious to the actual phishing website.


You can also check if the gift is real by using a search engine to find the official website of the company that is supposed to give it. Then check the prize information on the site.


2. Stay alert on messaging apps or on social networks

Email isn't the only thing to look out for. Messages you receive on messaging apps and on social networks have the same potential for harm. What can be done? As with email, check each link carefully, and if possible don't click on it at all.


3. Pause before entering bank account info

Bank card details are very sensitive as they provide direct access to personal money. That's why you should double-check and think

carefully before submitting those details to a site.


First, pay close attention to the address. Still the same method: typos, numbers instead of letters, hyphens in unexpected places, and suspicious domain names. If you see something like that, leave the website and try entering the address manually.


Having a lock icon is not a guarantee of security, but from there you can learn more about who owns the website (browser

have a different name for the relevant tab, such as certification or secure connection).


If you are shopping online, including purchases from small companies and private sellers, we recommend using a separate card. Keep a small amount of money in it and transfer the money to the destination as needed. That way, even if your card details are stolen, you won't lose a large amount.


4. Use a different password

If you use the same password for different accounts, even if it is a very reliable password. Because there is a risk of having all accounts compromised if one day you enter them on a phishing website. It is important to use unique and different passwords for each website and application.


If you find it difficult to find and remember dozens of new passwords for each platform and online store, use a password manager. The password manager also acts as an additional check to prevent phishing. If you open an app or site and find it doesn't autofill your login and password, then it's probably the site

false.



Second, password managers can generate passwords that are difficult to crack. Third, some password managers have additional useful features. For example, Kaspersky Password Manager can check your passwords and tell you if they are weak, have been used for different accounts, or have been in a compromised password database.



5. Set up two-factor authentication to protect your account

Many phishing attacks aim to hijack an account, but even when the attacker gets the login and password, you can still stop them from logging into the account. The trick is to implement two-factor authentication if possible.


After doing so, you will need an additional temporary verification code to log in. You will receive it by email, text, or at

authenticator application. After that the attackers will not get it.


However, keep in mind that attackers can also create fake login pages that ask for one-time two-factor authentication codes. That's why it's better to protect important accounts using hardware-based authentication with a USB key like YubiKey or Titan Security Key by Google.


Some authenticators use NFC and Bluetooth to connect to mobile devices. The advantage of using a hardware based security key is that it will never reveal secrets on fake websites. A website needs to send the right request to get the right answer from an authenticator, and that is something only the real website knows.



6. Use reliable protection

Of course it's hard to constantly look for red flags and check every address, link and so on. But this is a task that can be automated, and you can rely on a security solution like Kaspersky Security Cloud to protect yourself from phishing hazards. Protection

cloud-based will notify in a timely manner if a user tries to open a malicious page and will block the threat.

Previous Post Next Post

Contact Form