Every day, thousands of online accounts get compromised, and cybercriminals use several different methods to hack into accounts and steal the user’s personal information. Phishing attack is the considered one of the most notorious methods of stealing information. Hackers can create a copy of a login page of a legit website and trick you to log into the website using this fake page. Once you have entered the information, it will be sent to the hacker instead of the original or legit website.

What’s terrifying is when you discover how easy it can be to create a phishing site and execute the attack. It only involves some form of copying of some website code and then merging it with malicious code. Any person with basic technical know-how can successfully perform a phishing attack. Below are some points on how you can quickly recognize and protect yourself against a possible phishing attack.

How to Recognize a Phishing Email


Phishing site links are mostly offered in emails, so here are some clues you should carefully look into:

1. Sender’s Email ID

First, check the sender’s email ID since it will not be the same as the company’s official email ID. For example, instead of customersupport@paypal.com, it will look like customersupport@paypa1.com. So make sure all the spellings on the email address are correct, and it should match the actual support ID of the company.

2. Misspelling and Grammar Mistakes

Most scam and phishing emails have misspelled words that sneak through the filters set up by email services. Misspelled words are mostly added in the subject of the email, some can be found in the email’s body as well. Also, these mistakes are sometimes hard to detect — like “Customer” is written as “Costomer” — so it’s better to do a thorough check. A legit company will revise the email multiple names as their reputation and name is at stake.

3. Shady attachments

The last thing you want to do with a suspicious email is to click on the attachment that came with it. A legit company will never send you attachments unless specified. Any malware that can be contained within the attachment could easily steal your information if you’re not very careful.

4. Email is Placed in Your Spam Folder

If you are suspicious about an email and are browsing it in your Spam folder, then why waste any more of your time? The filter is designed for a purpose — so just press the Back button or just completely the delete Spam mails you have to avoid any accidental harm.

5. Phishing Ads

Phishing links may also be provided in an advertisement that you can see on websites. There are already a number of Internet users who lost money when they accidentally click on an ad in Google Search instead of the home page of an online payment site. So be careful while clicking on any ads, no matter how convincing or enticing they read or appear. Furthermore, avoid clicking on any phishing link if possible, as it may contain ransomware as well that could steal your personal information.

How to Recognize a Phishing Website


Okay, so if you have already accidentally clicked on the link and you’re now on the website. Here are some ways to further determine if the site is legit or is simply a phishing attempt:

1. Check the URL

Don’t rely mostly on the website’s design as it will be almost identical to the legit one. However, they cannot copy the official URL of the website, so there must be some difference there. The name of the website will be misspelled like instead of “www.paypal.com,” it will be “www.paypai.com” or “paypao.com.” Notice that the “HTTPS” connection will also be missing. Check if the lock icon on the address bar is green or gray. Any secured website, like your bank’s, online payment site, or a social media site will always have a secure connection, which means the lock icon should be green.

2. Browser Alert

All popular browsers are competitive in detecting most phishing websites. If a browser gives a warning, pay attention to it, and do not proceed anymore.

3. Avoid the Pop-Up

Some phishing links may direct you to the original website, but a fake pop-up may show up after a short delay and then asks for your personal information. If ever you encounter this one, don’t hesitate to back out.

4. Give a Wrong Password

Phishing websites don’t have any means to identify if a password or wrong or right. If you give a wrong password, most probably you will be able to log in or be redirected to something. However, hackers are already aware of this trick and sometimes may just say “Wrong password” so that you’ll make multiple attempts in order for them to get all your known passwords to hack your accounts later on.

How to Protect Yourself


It’s too late — you clicked the link, and gave your personal information. In short, you fell for their trap. Don’t think of tracking them down via their IP address because it will be useless. Instead, focus on recovering your account and information you gave away. If it was an online payments account or your bank’s account, it’s best to call them the soonest and inform them about the situation.

Most likely, the cybercriminal will get into your account and change the password, so immediately go to the original website and use the Forget Password button to reset the password using your email. Popular services such as Google or Facebook also offer other ways to counter-attack such situations. Make an online search to see if you can get further help in adding extra layer of security to your account. Once inside, try to see all the settings and privacy options and identify what information did the hacker has changed. If the account had money in it, then contact support and ask if the transaction can be rolled back by any means; otherwise, it’s gone. One of the best ways to protect yourself from phishing attacks and other forms of scam is by enabling the two-factor authentication. Make sure to enable it if it’s provided by the website you’re using.

You should always remember that phishing attacks are not only limited to steal your information. These links may show you ads or download malware onto your PC to damage your personal data/files or extract information. And above all, be sure to use a good antivirus program to protect yourself.

Tags: ,

This entry was posted by Staff Writer on Saturday, September 17, 2016 at 6:47:36 AM and is filed under Computer Security & Data Protection.

Leave a Response