DEV Community


Phishing Is A Serious Threat - Be Prepared

BragDeal Inc.
・3 min read

In all probability, you would have received a mail at some time or the other, asking you to visit a familiar website – with whom you are doing regular business – and update your personal information. When you open this website, you will be asked to verify or update your passwords, credit card numbers, social security number, or even your bank account number. Now we write quite a bit about how to protect websites’ security, but if you're not familiar with the ways of the Internet, you will head out there and update your information as you have been directed to, without smelling a rat.

Well, if you have followed such an email and have updated your personal/financial information on a website that seems similar to a website with whom you regularly do business, then, my friend, you have been "phished"! Your personal and financial information is now the property of hackers/phishers who will misuse it as soon as possible, causing you grave financial distress, loss of face and a bad credit rating.

Phishing (which is pronounced as “fishing”) refers to emil scams that are aimed at identity theft. You are sent an email on the lines of emails sent to you from banks, credit card companies, etc. These "phishing" emails then ask you to visit a website and update information such as passwords, usernames, social security numbers, credit card numbers. And like we said before, once you do that, there'll be hell to pay.

The "From" field of the phisher's e-mail will carry the real email address of the financial institution you deal with regularly. Even the website these phishing emails ask you to visit will look very close to the website with whom you do business, and even the website address mentioned in the email will be the same as the financial institution's, but it will actually link to the phisher's website.

Phishers are high-tech, professional criminals. They spend considerable time and effort in replicating a financial institution's website and to build an email template that appears genuine. The logos, colors and taglines used on a phiser's email and website are deceptively similar to the main website. Then these phishers spend time and money in stealing databases and then emailing the customers in the database, and asking them to update their financial information.

If you suspect you have received a phishing email, then here's one neat trick to figure out if the link given in the email is fraudulent or the real thing – Just point your mouse at the link and look at the bottom-left hand side of your screen. The real website address where you are being directed will show up there. This is a quick and easy way to check if you are being directed to a legitimate website. Be careful when checking the link, sometimes it could be just a letter off or have a .co instead of .com ending which might not be noticeable at first glance.

Lastly, even though Phishers can manipulate their way around, doesn’t mean we should let them do it easily. Ever noticed these fancy animated ads that popup on your email box or a website you browse? Do you have Flash Player installed? There are some risks. Here is the thing, phishers can get information through an animated image on your screen. It’s a bit scary isn’t it?! Just like they coded that animation to do what it does, they can also add a script to get into your computer and sniff around areas you most likely didn’t know about or allowed access to. So yes, your information might be at risk if you don’t take the proper security measures. Read more about this topic here.

Here's one rule you must follow – never click on links within emails unless you're dead sure the email is from a genuine party. If you suspect the mail is from a phisher, delete it immediately and empty the trash folder. If you feel you are missing some emails or notices from an important financial website, then do take the trouble to type its entire URL address in your browser – You will at least be confident that you are visiting the legitimate website.

Discussion (0)